General

  • Target

    51e054816269a9e2a763fbe9e2f9c4f5_JaffaCakes118

  • Size

    2.1MB

  • Sample

    241017-nh9l1averd

  • MD5

    51e054816269a9e2a763fbe9e2f9c4f5

  • SHA1

    c12806312ffb50cc7b5f9cee96d5ddac2252be58

  • SHA256

    ad5fc8f32f874fad0e8f1417841b1925e1c7037bc6da6e48ea527ab475bb6e2f

  • SHA512

    46ded7dbb7b04f929484e09086219f481917c1603786cf9055f696718d541e988dd31630cb807d711b59c0e6e6f2f0c6b7c51222c8d78e21f389e0a21e33aa01

  • SSDEEP

    49152:F4AwQ7ue+P0rontobeRqwTcB/20NQkFBJJWAamyashrjfKG:F8Q6P0Mn2EeBrJ0AamyaYrjfX

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials.
