General

  • Target

    2b95f3f33e0ad83cb777a5b2f24c2ad666571e36ee2a366cd09a414f28785308N

  • Size

    68KB

  • Sample

    240919-jnnjhaxgpf

  • MD5

    170e0d450d0b9b23a4ab9f5055cb4700

  • SHA1

    c2ecaea7c6dad88c8c654c5abea63ffca8e5432a

  • SHA256

    2b95f3f33e0ad83cb777a5b2f24c2ad666571e36ee2a366cd09a414f28785308

  • SHA512

    cf21353c7b73f35139cf940335c827d849aa28d243e6671f0526749897a9a467ee712d78e0c2e651d2dcb2acb4b9ff283ac4a292e1330c003d5dc1449d000032

  • SSDEEP

    1536:9Q8hoOAesfYvcyjfS3H9yl8Q1pmdBcxedLxNDIsIoAcZ:ymb3NkkiQ3mdBjFIsIVcZ

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
