General
Target: e4c927e18dd08913a9d5cc03aa465583_JaffaCakes118
Size: 54KB
Sample: 241212-fkdy4swjfm
MD5: e4c927e18dd08913a9d5cc03aa465583
SHA1: f4b2aedc4b4a807ef4e12c05f1c40c3b54dafb15
SHA256: a807babce59c19a3e1f6f9b40d126d0dce736f351144633f94641d8db0f6da5d
SHA512: 9e7392e1716132384ab05822f2276675022a57834923b28600b13b986dfd9721abf06183c732016349615b6f8482561f524fd0803ff47f4657fec0476fc87041
SSDEEP: 1536:J/JKZkqbwftqly/we2nMymuhpSg7YUIS7nCoOkBUu:JSkywFqly/wR5Lhp/8U15U
Static task: static1
Behavioral task: behavioral1
Sample: e4c927e18dd08913a9d5cc03aa465583_JaffaCakes118.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: e4c927e18dd08913a9d5cc03aa465583_JaffaCakes118.exe
Resource: win10v2004-20241007-en
Malware Config
Targets
Target: e4c927e18dd08913a9d5cc03aa465583_JaffaCakes118
Score: 10/10
Andromeda family: Detects Andromeda payload.
Adds policy Run key to start application
Deletes itself
Maps connected drives based on registry: Disk information is often read in order to detect sandboxing environments.