General

  • Target

    9508cc971bfefbc3f96cdb76f14d5f7d8ce88ade5733315e9bde8b4c066fca20

  • Size

    9.4MB

  • Sample

    231204-v4glnsdf7s

  • MD5

    9492b9763572aea1cd9909d2e0c7a07d

  • SHA1

    6d9325824234923cbce9217bb27cea17f5b7d266

  • SHA256

    9508cc971bfefbc3f96cdb76f14d5f7d8ce88ade5733315e9bde8b4c066fca20

  • SHA512

    91e96112361943f8db6dee0cc10caac0cd4ec10cc0904c059d4331d625d574a006c3b01e1b02074e3c4fff0a9c53366f7cbd0957e102283a9cb64827fcaa49bc

  • SSDEEP

    196608:n3EYjqo5/KxIfPXXGP4xgGgME2Aih5hpj4EdRy4aY60WdhLyNwl:Uto0SPW4iGgd2phD3avDqw

Targets

    • Target

      9508cc971bfefbc3f96cdb76f14d5f7d8ce88ade5733315e9bde8b4c066fca20

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • Loads dropped DLL

    • VMProtect packed file

      Detects executables packed with VMProtect commercial packer.
