General

  • Target

    070f093bcb14d633034104441bec14ca_JaffaCakes118

  • Size

    292KB

  • Sample

    240429-hplwmach84

  • MD5

    070f093bcb14d633034104441bec14ca

  • SHA1

    c65e13bb42d99c15f7ea27cb4332f2727fa51788

  • SHA256

    c5849834fae3e30056cafee1ab12c230b67bd1dc9819e9ead2c267e5f03c3dce

  • SHA512

    25c1f49a4ad0cb0dd0cb71d3e5b0c7300659cbc0d97fa91fe6e011334773b77d1207f9257159154eb66be31913c3b6c04eb4f3426718feb1454cf67eeef8ad9e

  • SSDEEP

    6144:bMfMAEJSW/Dnqh6xhEML2Pep++VfnZr5z5sgvDBpYU4nI:4fMxznqhAdL2PeIkl5GK7WI

Targets

    • Target

      Steam&ѡ񹤾V1.2.exe

    • Size

      541KB

    • MD5

      6d1a6d222769aeef4dad19282f9567a2

    • SHA1

      38621c1339fc473a68b5dac7983afb8ece9e3acc

    • SHA256

      050ad0301dc9a4983da715109c89efbb026b2cee000d8365ddf74cc03540b0ba

    • SHA512

      7a0523d5635d115339d15a6591d70ccb44400dcddf03711233b1a7b66dc2491f1a3c224e4eaaa7250ffe8073d82ff1a26e3278163a58cc6098c79696c02ecf8a

    • SSDEEP

      6144:GHJcAE1Gs/DnqbMxT3lEMLkbeh+WVVn7r5pvsgFZl+GIIIIIIIhIIIIIIIIIIIIH:GatTnqbqldLkbewch5Gi0

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • UPX packed file

      Detects executables packed with the UPX open-source packer or a modified version of it.
