Overview

overview

10

Static

static

10

125474b3a8...18.exe

windows7-x64

10

125474b3a8...18.exe

windows10-2004-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    125474b3a89ddd5bd88a0db047f48b5d_JaffaCakes118

  • Size

    14.8MB

  • MD5

    125474b3a89ddd5bd88a0db047f48b5d

  • SHA1

    5f32741c1828e375fec9d629d32215704e984357

  • SHA256

    26a06c8d36e8c24c664eb78a127874afcc4b18e81ade753dc660360c7217d92c

  • SHA512

    32235bcfec0f020c640570a3391f6864520eeb180f0a20ecd28b6715dba665daf878965b6b1b3c1b63fc1fac5ed7541886b4d42717ba88754b2f1c99c20a7491

  • SSDEEP

    196608:Ta9+6Y7SOEibgRYBTYSOyHSn6Ra9+6Y7SOEibgRYBTYSOyHSn6O:TFgRYBKn6RFgRYBKn6O

Score
10/10
minerupxblackmoonxmrigprivateloader

Malware Config

Signatures

  • Blackmoon family
    blackmoon
  • Detect Blackmoon payload 1 IoCs
  • Privateloader family
    privateloader
  • XMRig Miner payload 1 IoCs
    miner
  • Xmrig family
    xmrig
  • UPX packed file 1 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 125474b3a89ddd5bd88a0db047f48b5d_JaffaCakes118
    .exe windows:4 windows x86 arch:x86


    Headers

    Sections