General

  • Target

    acb14740bdf32d9d73ec8f73d412768dadd225a35cd5c1f2584301f6e06a6a78

  • Size

    14KB

  • Sample

    221129-dxqgkaba25

  • MD5

    f93b258a14e6a90c838cd5ea2e4a31e4

  • SHA1

    0e7e4dd6f7fd614f0723c9687c6b18b5fdd36c26

  • SHA256

    acb14740bdf32d9d73ec8f73d412768dadd225a35cd5c1f2584301f6e06a6a78

  • SHA512

    aa2c65155be8924a589cdd2925bd9664dbb9e4216eee9b0cd6ee20fdfc95fde4e0c679c21a6a27921bae8c4a59dfbb1b595d60794971018c293c4e9b09bbb092

  • SSDEEP

    384:pufPa2vDGDdapHm9BNmWMlEnL19sdbqpBBARbKeJH:oa2edb9HmZELLsdbIWRWeB

Score
10/10

Malware Config

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Blocklisted process makes network request

MITRE ATT&CK Matrix

  • Collection

  • Command and Control

  • Credential Access

  • Defense Evasion

  • Discovery

  • Execution

  • Exfiltration

  • Impact

  • Initial Access

  • Lateral Movement

  • Persistence

  • Privilege Escalation

Tasks