General

  • Target

    0174b93ab08c055273c5e126421e18ee_JaffaCakes118

  • Size

    75KB

  • Sample

    240727-2hz98asarp

  • MD5

    0174b93ab08c055273c5e126421e18ee

  • SHA1

    52a91934614d6e07925b0cb8c4fde5bb831b25ce

  • SHA256

    a1d88bfc96adeae6cc6430ac63b3482d035d859010b64c765b73617b22901ca9

  • SHA512

    165ea6925e7baf2a7529e5fca13c29bd008883bbf404dc93160fb03342bfaaa4a5c938d9e6dfa006ec3b34708a4ad94178fa3741ad27c82940510012d04254de

  • SSDEEP

    1536:9Q8hoOAesfYvcyjfS3H9yl8Q1pmdBcxedLxNDWiekja1br3GGBxfotGpSy5wAP:ymb3NkkiQ3mdBjFWXkj7afowp7DP

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
