General

  • Target

    55254dbf7a19e5803a57a50af5e4d070_JaffaCakes118

  • Size

    191KB

  • Sample

    240518-rl9b7afe67

  • MD5

    55254dbf7a19e5803a57a50af5e4d070

  • SHA1

    9c59f35434ccc4605521625a5f364e306d9d8462

  • SHA256

    e93816aa44950d9315279de9b049da8004ac89c71fa7ffb80a9a6384f27258c9

  • SHA512

    3396bcd1f0c3d83f8a3c76dcd194ae980c0cf9bb899d9fd23cdee11755c20a9389d0096b51784bf6ff3e3178e4ba689f78e229f8d665d057c4fbf11853609b9d

  • SSDEEP

    1536:EvQBeOGtrYSSsrc93UBIfdC67m6AJiqjt3ufT/FRxZOYsU58R:EhOm2sI93UufdC67ciyt3ujFf7jaR

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified version of it.
