General
-
Target
JaffaCakes118_236703a19ce7e03ea9216da5ed4cf8a9
-
Size
36KB
-
Sample
250226-b5cvbszpt2
-
MD5
236703a19ce7e03ea9216da5ed4cf8a9
-
SHA1
7c0d099167eb860e4c58fa46d1a0ffec4e1fef64
-
SHA256
e0124eb4277281b979d7bea79071cb7839ddab32d2e07d271262086457dae5d6
-
SHA512
e0111a4c73d535e0a256063f2db8b7ecc2d2226cc6f089c74b6956876671b28570f1746d59fd48d7e3c52b0fe4c8877add2e1f0772fd47c6329113560d0a0323
-
SSDEEP
768:n9N++RhsdR+TXl7SvIZhuxtUZn2BvsHLX6JwPIILI:9Y+KDCXNZhstUw1sHLewDc
Malware Config
Targets
-
-
Target
JaffaCakes118_236703a19ce7e03ea9216da5ed4cf8a9
-
Size
36KB
-
MD5
236703a19ce7e03ea9216da5ed4cf8a9
-
SHA1
7c0d099167eb860e4c58fa46d1a0ffec4e1fef64
-
SHA256
e0124eb4277281b979d7bea79071cb7839ddab32d2e07d271262086457dae5d6
-
SHA512
e0111a4c73d535e0a256063f2db8b7ecc2d2226cc6f089c74b6956876671b28570f1746d59fd48d7e3c52b0fe4c8877add2e1f0772fd47c6329113560d0a0323
-
SSDEEP
768:n9N++RhsdR+TXl7SvIZhuxtUZn2BvsHLX6JwPIILI:9Y+KDCXNZhstUw1sHLewDc
Score10/10-
Andromeda family
-
Andromeda, Gamarue
Andromeda, also known as Gamarue, is a modular botnet malware primarily used for distributing other types of malware and it's written in C++.
-
Detects Andromeda payload.
-
Adds policy Run key to start application
-
Deletes itself
-
Maps connected drives based on registry
Disk information is often read in order to detect sandboxing environments.
-