General

  • Target

    69b111d33614cfc8056123ca2a858ddee20bfe0009024000af34cd493812af57

  • Size

    323KB

  • Sample

    240802-fj3aba1hlh

  • MD5

    afaad5dda050dc812bc9307ddd6cc0b4

  • SHA1

    1dc2037f89d48353bb91961eef2ef215247394c1

  • SHA256

    69b111d33614cfc8056123ca2a858ddee20bfe0009024000af34cd493812af57

  • SHA512

    695897fb021d320e0b58b8409d244aa4a29b44ad99015d77791f881ef32fe599b209574408cb49837748316377746bd8bcab39fe96633a8ca03f7d00baa7e96c

  • SSDEEP

    6144:XgFCEvB6kJONjt0+4ROiHdUhGwNvLnPwoAJy6QGy0hU+Ee81NhiOpcA4vTSKDNaT:Xgct0eQdiGKPcAGTU+n81N3p4vTfh4oS

Malware Config

Extracted

Family

gozi

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Gozi

      Gozi is a well-known and widely distributed banking trojan.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
