General

  • Target

    56c43a545b8a2f774537165f563d401052fc46bc0732aef7e8b8eeaf45789a99N

  • Size

    378KB

  • Sample

    241017-namghaybln

  • MD5

    f4a0f3a27df1883d1964c078d9597d90

  • SHA1

    c5299ea1ccb096882ddd206ed0839da753b3e3af

  • SHA256

    56c43a545b8a2f774537165f563d401052fc46bc0732aef7e8b8eeaf45789a99

  • SHA512

    10659a6b198922c827b6700092b9b89e1464c047402ea4b66d22a60e4cb826268be475843cf1f0db9c178024cad08bcb8e6e45b1350e93eced7384f64edb7e2f

  • SSDEEP

    6144:Ocm4FmowdHoSsm4FIc1/cm4FmowdHoSsiNlcJcmHYC9/jvvfwL+TLPfSRcm4FVol:w4wFHoSl4h4wFHoS24yTgL+zfu4/FHoN

Malware Config

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks