General
-
Target
JaffaCakes118_1c9257a84c6862deeb28a932465d1909c1939f33e680c6ca3c1372b2c5fe7283
-
Size
1.2MB
-
Sample
241224-dx2vla1jfy
-
MD5
a47d4d6683a826883632d37f9c6a1fd2
-
SHA1
5722afafffd8ae8f81c92a40e8e2e01ead0a2f3f
-
SHA256
1c9257a84c6862deeb28a932465d1909c1939f33e680c6ca3c1372b2c5fe7283
-
SHA512
f8a0e648a8e825ed706805610172ee00f4009197ee9748a3019a305579956ef57cae886f9f608c2e358c3adb3d52e07be61deaa4bf5fa6e077ffab2742d44172
-
SSDEEP
24576:uB0NWp6nr52LyDXRfJ5dwEztbXCmAUscM7P8g6A7Vpg83atTUHnlr:uBSDnV3XRfJ/emAUscMoCVuw
Behavioral task
behavioral1
Sample
JaffaCakes118_1c9257a84c6862deeb28a932465d1909c1939f33e680c6ca3c1372b2c5fe7283.exe
Resource
win7-20240903-en
Malware Config
Targets
-
Target
JaffaCakes118_1c9257a84c6862deeb28a932465d1909c1939f33e680c6ca3c1372b2c5fe7283
-
Blackmoon family
-
Detect Blackmoon payload
-
Server Software Component: Terminal Services DLL
-
Deletes itself
-
Loads dropped DLL
-
Drops file in System32 directory
-
Suspicious use of SetThreadContext