General

  • Target

    999ca83cbb08eb23fbd9d84cdf009205_JaffaCakes118

  • Size

    193KB

  • Sample

    240606-ar928sde99

  • MD5

    999ca83cbb08eb23fbd9d84cdf009205

  • SHA1

    d43a059477cfbd2ef8256101eed753d11dd6a5c9

  • SHA256

    f0e77c9b8554f9a45a192ed5e994a52f7ab58c44ad7314dcc0bd39180dfb7301

  • SHA512

    ba691ffdd44869d0f9a49d2d37742b2bcb7d56a66d438b66f4e2f857d3d8771fe47d8f1d03ff9eaed31c93b16233efd43cc3b19f4e3d6dfa6cf7718967b7a6a3

  • SSDEEP

    1536:PvQBeOGtrYSSsrc93UBIfdC67m6AJiqyByFEyDRZ8CsLR:PhOm2sI93UufdC67cihByiylmCsd

Malware Config

Targets

    • Target

      999ca83cbb08eb23fbd9d84cdf009205_JaffaCakes118

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
