General

  • Target

    00744cfd58a0aa6588267fd05c53d4ba_JaffaCakes118

  • Size

    98KB

  • Sample

    240727-zbfk5azdqb

  • MD5

    00744cfd58a0aa6588267fd05c53d4ba

  • SHA1

    419914f07d6163b8d815ac7deeee4ef954490fda

  • SHA256

    6382bfeedc9194d374928545855e9917933b9e1d0a158574cf0d416d7cf63a56

  • SHA512

    be08cfd76248b1377a6cb1c6bf003a74a2cf3043f6f979bbccb781cf389a73cf62e0b88df62de84b05760bced908275f12bc2ffe9ab9bf0ae6d9ae16a27f3b59

  • SSDEEP

    3072:JhOmTsF93UYfwC6GIoutWFf7TQsq5Va9h57bW:Jcm4FmowdHoSuTU5OXW

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
