General

  • Target

    d7e043c91ff79462a844fa113bdda9fb5b2da03ca5b56e7137c3c65522cf8bffN

  • Size

    279KB

  • Sample

    241017-qagmcssark

  • MD5

    face18af5f70087e9fbf92c2ee116a20

  • SHA1

    39ea6bb8cc8dfab8dc8229b7112765dbc2470ad0

  • SHA256

    d7e043c91ff79462a844fa113bdda9fb5b2da03ca5b56e7137c3c65522cf8bff

  • SHA512

    b3e1cc83fbbf7fde920ace2599653336f1de8168a1e408e9ee135335670ea9ff96ad2cd5a664544eb606b7e2e15686418dc97fa7ecc9efb402f0540a1f62cfee

  • SSDEEP

    6144:ncm4FmowdHoS6rW3NNTvBu6wo2J4JAgNXkArR/rtXOLtu4J6KvvLp3OKtUuuuTEl:14wFHoSeM/Tpu6w14JAOkIRhOBu4Jhv4

Targets

    • Target

      d7e043c91ff79462a844fa113bdda9fb5b2da03ca5b56e7137c3c65522cf8bffN

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
