General

  • Target

    exe.exe.v

  • Size

    406KB

  • Sample

    240920-lqpwfszgrm

  • MD5

    c1105b325208b94c7f2a054901ee7122

  • SHA1

    6d43a222928259afed09081427cea7efbe64cd33

  • SHA256

    eece8f6aa859eec0d58fde08b08d6716d0df66aacd180d102b4df5b4896bc23e

  • SHA512

    760efa89bd317d9383aae85f41f6d090461e21522cd8e4f4c5c90503ba9e0d4ec265fbdfa8c76fd32c1305c51128f27ea7a246b180fd5d574af64f0966093142

  • SSDEEP

    3072:hR3TSduMAhgamPis0/iR8mbeUUHoYOooc422f2c+2XF9HQjMR:hRjJhgaAis0/28mbVUHoQMj

Malware Config

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • FatalRat

      FatalRat is a modular infostealer family written in C++, first appearing in June 2021.

    • Fatal Rat payload

    • Downloads MZ/PE file

    • Executes dropped EXE

    • Loads dropped DLL

    • VMProtect packed file

      Detects executables packed with the VMProtect commercial packer.

MITRE ATT&CK Enterprise v15

Tasks