General

  • Target

    597a7e2f449067f5a8e807a28a5d9165_JaffaCakes118

  • Size

    90KB

  • Sample

    241018-1eheka1gjr

  • MD5

    597a7e2f449067f5a8e807a28a5d9165

  • SHA1

    c288b5f00d249da96440f5e5a3897b4ad9960de5

  • SHA256

    c88fc10b269253f149e0df1e37fe933fa5a7ade0f47bad7c0fc8cabb0a7ade34

  • SHA512

    823360cc37dad508516513e9adbf7ed7199796eafd04cebbdedf21ca188af9a9414b2fb97c59aeb451a942bd8ea9da530a91f73b714f44cfd3148cabb1ea3f26

  • SSDEEP

    1536:9Q8hoOAesfYvcyjfS3H9yl8Q1pmdBcxedLxNDIkpi+qmPbvp4Lil0Se:ymb3NkkiQ3mdBjFIj+qmzvp4Z

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
