General

Target: 5dc8d4d250d8ad95108106812053f12e_JaffaCakes118
Size: 5.1MB
Sample: 240520-hxk93aha63
MD5: 5dc8d4d250d8ad95108106812053f12e
SHA1: ba67d6de7a81333e273213d2b485e8d58c63e479
SHA256: aafa55831b65c06f4c8e1f3037364862b05c8518ebb7506b826b3e5f71a79b84
SHA512: 877ecb35c364d56690bc2f72fa084f074ad9179dd0dbe5d60d303e4544c0383b2d7c0abbf0c0517655c1349e45147627533b53acf37e19cde324006ce2266257
SSDEEP: 98304:+qvpi1bMi7gJEV2771PZubvL/6A6H4hmRbN17hDqSwNKPO3ToUu4cxKT:Po1b/hV2zueL4hETrSKW3ToR48KT
Static task: static1

Behavioral tasks
- behavioral1: Dig Or Die V0.046.exe (resource: win7-20240221-en)
- behavioral2: Dig Or Die V0.046.exe (resource: win10v2004-20240508-en)
- behavioral3: IFG.exe (resource: win7-20240221-en)
- behavioral4: IFG.exe (resource: win10v2004-20240508-en)
- behavioral5: lol界面修改器v11.0.exe (resource: win7-20240419-en)
- behavioral6: lol界面修改器v11.0.exe (resource: win10v2004-20240426-en)
- behavioral7: sysbin.exe (resource: win7-20240508-en)
Malware Config

Targets

Target: Dig Or Die V0.046.dll
Size: 4.2MB
MD5: 34e0da6d8448ea13404f35e8c77da607
SHA1: a4bcc0276388057bbb8639634ee2d71cc29b67ed
SHA256: d31a71fe8d11734649f71a1769463a9eafdbfa2df368f318b5f9a13eadad542c
SHA512: c52d187a74333db954e66cd6000a66d010db60142c88e07dfcc429c2f3790da69dde7a963927ad3174dd2496222b4bdd9fba05ddf2d1fde64fa9771533a90926
SSDEEP: 98304:tL8q/Zc/BYrge6/Bev98bt3YGJxpwZMtQAtgU5:tRIyZ6Zev98x3JfEfa5
Score: 7/10
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
Target: IFG.dll
Size: 16KB
MD5: f2057b1fe8d4f94ce85a780a83ca91b1
SHA1: fd3ac5352c04b9e474528d990502d62ee8bbc1fe
SHA256: 60773f548cd10df618283f3a82dd3988142e23c1e6506c32597f268333c15bdf
SHA512: d096b8d0c57ba0af9cbb150a5fcb22a47b9c482f26d6bc9d2e621a70b12b53efa26e2eacc4e4092a3f8526410bee9e78fe93378121cad545e09ebe2f502a0026
SSDEEP: 96:ekqGjuhvTj85qNSuANMl6uiCo0GUSrX5Ei2:zSFH85UlANaihjWi
Score: 1/10
Target: lol界面修改器v11.0.exe
Size: 2.1MB
MD5: 9fa4a20977b018bd96f8ae0be907444b
SHA1: 0f62ffcfd58e7b98a41d7dd708c84d19eb785ef3
SHA256: 250ff5489c72c97b4cea4e849ce8a638774e51c9632915668b1b0c3455b5f3c4
SHA512: 715b88825d9ed4da770f4c226a37e57e589e1806a4e000fdfba223cc94647e89c6bca793f194fb27fa98436b57aaa074f1bdad7054070a60daf295810e542c1a
SSDEEP: 49152:p1Kx6J8AqA+exegCSW8dAcDcfPd76vIcXO5oioLTgAHaAtsdZnqx4aqG74OrwbIc:pnC7+USdBVTdb
- Detect Blackmoon payload
- Modifies Installed Components in the registry
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
Target: sysbin.exe
Size: 243KB
MD5: efa25924138ef8e4ad1d6438fe9dcd59
SHA1: 629dfd73a63e9959ac4818042aec940b2ba3818a
SHA256: d0977ae7f56174dba4e334241d1c91a11d5f5977e3f602947515c0eb98da8555
SHA512: 6ad59f237ec2b1764d0f166656fc3840439d9ce2cb809384fea9e65e51dead6ddd7e26e5d340f0b8a84fcde24c12af15994f9cb3eb14658b659b5d3bb61c7c7b
SSDEEP: 6144:T7kvUwPwxmnriXB3ggz43Nb8y0olOjIcQwGte:T7mP5riXB3K3hlZwGte
- Detect Blackmoon payload
- Modifies Installed Components in the registry
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory