General

  • Target

    06cf9b03bef18de284bf2a059916f267_JaffaCakes118

  • Size

    2.5MB

  • MD5

    06cf9b03bef18de284bf2a059916f267

  • SHA1

    32cb359f7e2064281c7be8024c8b6136c1dccd3e

  • SHA256

    01f540bc589d169e2c7533d5bfd1a59c70eb2c77b17aa1a8f02a6ac9f4043fd0

  • SHA512

    892cc2c6732a1799e93892d1479762ae594fdb70152a43bbbc910a6fb10641b025653c8ca7c347288b5e2b23fec94d04a13a4ee3ff4100cf97cd96c8a7ae930f

  • SSDEEP

    49152:0aET7MCS3TPmGqsBEQ/lbuRh/EDyNtPFtDMAuyHu+ox/bKiktbuRN0yPoRnMqcSF:0TTJasQ/Gh/EDyrFtDMSujNuuIH7cSF

Score
10/10

Malware Config

Signatures

  • Blackmoon family
  • Detect Blackmoon payload (2 IoCs)
  • Unsigned PE (3 IoCs)

    Checks for missing Authenticode signature.

Files

  • 06cf9b03bef18de284bf2a059916f267_JaffaCakes118
    .zip
  • QQRobots 6.7 Build 13327 Release 2/QQRobots.exe
    .exe windows:4 windows x86 arch:x86


  • QQRobots 6.7 Build 13327 Release 2/QQRobotsApi.dll
    .dll windows:4 windows x86 arch:x86

    ef0ab8ad4fc268eec488d76f29bf4400


  • QQRobots 6.7 Build 13327 Release 2/RobotProtect.exe
    .exe windows:4 windows x86 arch:x86

    798191466ccc2e12aaa14cf4e0b0f50b


  • QQRobots 6.7 Build 13327 Release 2/Settings.ini
  • fwvv.net˵.txt
  • ˵.html
    .html