General
Target: JaffaCakes118_d5706093e328e18de4b1f58153289f5943af8c47bf708f0989d4d874451ee418
Size: 1.2MB
Sample: 241224-y3st4awpgk
MD5: 1f628b623ba715793f3165eae742d614
SHA1: c332e2272c4e6bda48a5c4fb3698fb48bcd4df5e
SHA256: d5706093e328e18de4b1f58153289f5943af8c47bf708f0989d4d874451ee418
SHA512: 96a2119125c52c6be77c3c0ad2b5a63705ea174e68b126b5969ccf07804b458fe23d6cbd3cb2b3beb6fc706e2c3a9a04c93166c8db9edb094d45b88d4853b758
SSDEEP: 24576:cB0NWp6nr52LyDXRfJ5dwEztbXCmAUscM7P8g6A7Vpg83atTUHnlr:cBSDnV3XRfJ/emAUscMoCVuw
Behavioral task
behavioral1
Sample
JaffaCakes118_d5706093e328e18de4b1f58153289f5943af8c47bf708f0989d4d874451ee418.exe
Resource
win7-20240903-en
Malware Config
Targets
-
-
Target
JaffaCakes118_d5706093e328e18de4b1f58153289f5943af8c47bf708f0989d4d874451ee418
-
Blackmoon family
-
Detect Blackmoon payload
-
Server Software Component: Terminal Services DLL
-
Deletes itself
-
Loads dropped DLL
-
Drops file in System32 directory
-
Suspicious use of SetThreadContext
-