General
-
Target
JaffaCakes118_bccf999b89a17f479e2c03ac1436da8a
-
Size
13KB
-
Sample
250418-gfz68avsbx
-
MD5
bccf999b89a17f479e2c03ac1436da8a
-
SHA1
3b7e23867d452889100e9d8095294a1e382c711f
-
SHA256
4ab25c891c12d652edc2a44d2d6e0216f4d80a8646671d2032fb29244459c626
-
SHA512
17baeeed9372c684a653eef00be540488a8954b5179feb4bf83ad6306602c71f73744e77f872733a8994a6c4e1aa698b36f6333d01d91f88a52ca40e87d764af
-
SSDEEP
384:NLOTSoMaHAhzQYVu1TY7gKJEmizmzCaF1FY:eSagh0Qu1UkKE7AF
Malware Config
Targets
-
-
Target
JaffaCakes118_bccf999b89a17f479e2c03ac1436da8a
-
Size
13KB
-
MD5
bccf999b89a17f479e2c03ac1436da8a
-
SHA1
3b7e23867d452889100e9d8095294a1e382c711f
-
SHA256
4ab25c891c12d652edc2a44d2d6e0216f4d80a8646671d2032fb29244459c626
-
SHA512
17baeeed9372c684a653eef00be540488a8954b5179feb4bf83ad6306602c71f73744e77f872733a8994a6c4e1aa698b36f6333d01d91f88a52ca40e87d764af
-
SSDEEP
384:NLOTSoMaHAhzQYVu1TY7gKJEmizmzCaF1FY:eSagh0Qu1UkKE7AF
Score10/10-
Andromeda family
-
Andromeda, Gamarue
Andromeda, also known as Gamarue, is a modular botnet malware primarily used for distributing other types of malware and it's written in C++.
-
Detects Andromeda payload.
-
Adds policy Run key to start application
-
Deletes itself
-
Maps connected drives based on registry
Disk information is often read in order to detect sandboxing environments.
-