General

  • Target

    993a300ff2825856372831b92ca6e97e_JaffaCakes118

  • Size

    231KB

  • Sample

    240605-zn6yvaaa96

  • MD5

    993a300ff2825856372831b92ca6e97e

  • SHA1

    7e42db152f2a270bc0d7ad0bf8b0b246ab6337d6

  • SHA256

    502c07b2bb35d0815527368cbea749309012bfa28bbad8b2b6855c425f2fc70a

  • SHA512

    3f34179e3aea67fe78d53aa4ca55e261893606ecb31aeeb29d392eae3758893694b87459dfdf85e58a2533989f79298b85057e52290fda219cb4668006329b17

  • SSDEEP

    3072:ymb3NkkiQ3mdBjFo73PYP1lri3KoSV31x4xL8eBWOgL:n3C9BRo7MlrWKo+lxK8eBWVL

Targets

    • Target

      993a300ff2825856372831b92ca6e97e_JaffaCakes118

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
