General

  • Target

    fddc0350bd847cf476d95097137f81caf0cf50deb2534d176c1c08cce7e55a8aN

  • Size

    66KB

  • Sample

    241017-tz73dsvarg

  • MD5

    c7cc8f19814aae48267674700de75440

  • SHA1

    02176828c5eb723e1724bd5c766b4d12f2b4537e

  • SHA256

    fddc0350bd847cf476d95097137f81caf0cf50deb2534d176c1c08cce7e55a8a

  • SHA512

    84ea465668c909cc771ecf1892b8f76fad89227b3279c32a7595c5dc721c0c396730c99c483442f5a434415fd0424bee020cd460f00fae56de10714c39dae270

  • SSDEEP

    1536:9Q8hoOAesfYvcyjfS3H9yl8Q1pmdBcxedLxNDIvuzkzNMP:ymb3NkkiQ3mdBjFIvlpMP

Malware Config

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified version of it.
