General

  • Target

    044e98c2f9fb4c6966970e32ef11a6a3_JaffaCakes118

  • Size

    211KB

  • Sample

    240428-eddjbsfg6t

  • MD5

    044e98c2f9fb4c6966970e32ef11a6a3

  • SHA1

    29d7fe446b8e57e0e9fb66ae05dafdfdbccc510a

  • SHA256

    bcb5089a4953d599c0cc71b3b15b865ff83aa1aea71f69900e60420c67b5f012

  • SHA512

    0183a413af5799f19f998abd05cfe6125037c370de025976d97afa82e8acd4c267d4a46f34b445bf110539c404b8c7662523c6dbd6faf96b27d5683b0ded0146

  • SSDEEP

    3072:EhOm2sI93UufdC67ciyt3ujFf7TQsq5Va9h9Z:Ecm7ImGddXyt38TU5WZ

Targets

    • Target

      044e98c2f9fb4c6966970e32ef11a6a3_JaffaCakes118

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
