General

  • Target

    11fcfecc1591fa5f1e482433bbc3c11e_JaffaCakes118

  • Size

    17.7MB

  • MD5

    11fcfecc1591fa5f1e482433bbc3c11e

  • SHA1

    e63df40df24d62979fab5d02475f8bcc785ab191

  • SHA256

    408bfb3a5628f1d2c5560db3b5523b69a9d3f153aed5bb23502661c7e5062201

  • SHA512

    c540c6b4a47560b9d5d0681ff45a48d765760284276ec941a59f42c6d7731721396fc85927ed18834a03d7a897c9bc2a2d03329116661e3d70c90ee71b3ff0e8

  • SSDEEP

    196608:Ta9+6Y7SOEibgRPghN1qfkuQZGBfWlZPzmGP8wa9+6Y7SOEibgRPghN1qfkuQZGj:TFgRaNQfkuHWaG5FgRaNQfkuHWaGY

Malware Config

Signatures

  • Blackmoon family
  • Detect Blackmoon payload 1 IoCs
  • Privateloader family
  • XMRig Miner payload 1 IoCs
  • Xmrig family
  • UPX packed file 1 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 11fcfecc1591fa5f1e482433bbc3c11e_JaffaCakes118
    .exe windows:4 windows x86 arch:x86

