General

  • Target

    516da0e92b13dd649e6e8786a58763cf_JaffaCakes118

  • Size

    2.2MB

  • Sample

    241017-kppnmateqq

  • MD5

    516da0e92b13dd649e6e8786a58763cf

  • SHA1

    493605da8403ccccd069afcea6b06888cb7ae747

  • SHA256

    e2a43100bc2daee8b677f69656e571da1fe6a5be5c2a7d33f6dd92b8bfc70102

  • SHA512

    40b7477e7e55cd54c285a8f918f1573770692a7419b2b06a3071f4941ebd84fa9ad7443c5cd45a7446d5b58253156df70c96998e1b953cd450f3a6e608626ac6

  • SSDEEP

    49152:Y3a6Z9ik/g6sschiffRojfV0OrEc6SbAqkEJ0HkJwCjtX6Dc:Y3MndschiyDVnb6SFkEyYjtq

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, etc.
