General

  • Target

    5c74cfb4601570468bf7fd8f52d43189_JaffaCakes118

  • Size

    1.2MB

  • MD5

    5c74cfb4601570468bf7fd8f52d43189

  • SHA1

    6cddafb6ead48c3dce76f72704d053946ed29e67

  • SHA256

    525b77b1d45a672ca89b0ddca24cb720d6bbe6b97ca70fb96bea8ed7322218b0

  • SHA512

    f91be8f64eb6cead598b1681b2612f6ae0fc13257e795862351c099df714577765d2b1bc5226f5ff9851f317ee7c3f2b54635a3121cf190942e108ff024a0cc5

  • SSDEEP

    24576:ippGOvUKgjuCeFPWVcbOYZeS9kEai1pOd8VksIHHv1MHxrD7ZppGOvg:ippGmgjuHFPucbOYZeS9lai1i8VksIea

Score
10/10

Malware Config

Signatures

  • Blackmoon family
  • Detect Blackmoon payload (1 IoC)
  • Unsigned PE (6 IoCs)

    Checks for missing Authenticode signature.

Files

  • 5c74cfb4601570468bf7fd8f52d43189_JaffaCakes118
    .zip
  • Empiresx.exe
    .exe windows:4 windows x86 arch:x86

  • EmpiresxHD.dll
    .dll windows:4 windows x86 arch:x86

    d73e905c3a2c7f47d764bd093ffca717

  • ExWE.dll
    .dll windows:4 windows x86 arch:x86

    44703c317344859e5841b59e2d53e823

  • WEData/9x/dplayx.dll
    .dll regsvr32 windows:5 windows x86 arch:x86

    8801d8b8edba26106439eeba140ae35c

  • WEData/TCF.CFG
  • WEData/nt/dplayx.dll
    .dll regsvr32 windows:5 windows x86 arch:x86

    1de4d89ff3f84919cb8a2ad2676452c7

  • WEData/ʹ÷.txt
  • WEData/˵.txt
  • WEData/¼¼.txt
  • dplayx.dll
    .dll regsvr32 windows:5 windows x86 arch:x86

    1de4d89ff3f84919cb8a2ad2676452c7

  • սƽ̨.url
  • ̳.url