General

  • Target

    10c42a1e53e3573177aceefa1804ecd9_JaffaCakes118

  • Size

    464KB

  • Sample

    240626-fd2rlaydkj

  • MD5

    10c42a1e53e3573177aceefa1804ecd9

  • SHA1

    31a3a6d6519982fc211903ac5c468b354d189328

  • SHA256

    48587c2287aaaa00eecba83470d9c87be773de5c91862f25ab3a3ef50a819a3d

  • SHA512

    c8e0bcc09ea3e18a9703736d29783f1793b4331f00549eadacd4ab15ca9bbab7a0cc5aeebc6fbe5f7cdeae2e407c8ef4b2ce81cda5d0dab57c13fb467c990884

  • SSDEEP

    12288:xcKA9P3RxBomS0alF/p+abpwH9rwCW5sCbQU:xDAzxGIalFPY9rwCIsw

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • VMProtect packed file

      Detects executables packed with VMProtect commercial packer.
