Overview

overview

10

Static

static

7

1744cedeea...18.dll

windows7-x64

10

1744cedeea...18.dll

windows10-2004-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    1744cedeea1e6acfe65b8cc130b91e4b_JaffaCakes118

  • Size

    944KB

  • Sample

    241005-l98gxateqg

  • MD5

    1744cedeea1e6acfe65b8cc130b91e4b

  • SHA1

    6c98044809c8c93d27f64a365d9a7eb01f09fef5

  • SHA256

    8860455e9f309d55c7c6f0126137a425115493d67a3f3b48a55f4f877385ce47

  • SHA512

    5e9883e1f70ca7e1917b3920d6bf284d387a534c4648d9452e24ff8e4ac997dab97561da4fcc0acc8b93eea8ee6f9f8f64489655cb764193f5f962165b70e1ff

  • SSDEEP

    24576:eTsch29iLK2F0lv0vkD+EweW4uGhOKfxF66Q6iR:IsWF0lHD+zeW4HOQy

Score
10/10
blackmoonbankerdiscoverytrojanvmprotect

Malware Config

Targets

    • Target

      1744cedeea1e6acfe65b8cc130b91e4b_JaffaCakes118

    • Size

      944KB

    • MD5

      1744cedeea1e6acfe65b8cc130b91e4b

    • SHA1

      6c98044809c8c93d27f64a365d9a7eb01f09fef5

    • SHA256

      8860455e9f309d55c7c6f0126137a425115493d67a3f3b48a55f4f877385ce47

    • SHA512

      5e9883e1f70ca7e1917b3920d6bf284d387a534c4648d9452e24ff8e4ac997dab97561da4fcc0acc8b93eea8ee6f9f8f64489655cb764193f5f962165b70e1ff

    • SSDEEP

      24576:eTsch29iLK2F0lv0vkD+EweW4uGhOKfxF66Q6iR:IsWF0lHD+zeW4HOQy

    Score
    10/10
    blackmoonbankerdiscoverytrojanvmprotect

    • Blackmoon, KrBanker

      Blackmoon also known as KrBanker is banking trojan first discovered in early 2014.

      trojanbankerblackmoon

    • Detect Blackmoon payload

    • VMProtect packed file

      Detects executables packed with VMProtect commercial packer.

      vmprotect
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks