General

  • Target

    7d66bc1fc1bde442cf17693a0b666bd0c8d328f94b859f970f1748cc7601073e

  • Size

    102KB

  • Sample

    241017-yde7pswajr

  • MD5

    f4cca9a66383acf4de0b5c5e2390ccc6

  • SHA1

    61c38ace97a99b787067bb4aa3e44b4a6f201741

  • SHA256

    7d66bc1fc1bde442cf17693a0b666bd0c8d328f94b859f970f1748cc7601073e

  • SHA512

    58477ffab78c324fb10f0c9cf24abd6bde7bd440355b4cc6ebe2257b0a27e4fe31d8401d473d9bf50373c5ca8e0e18d290edcf6597abca82efa4dba87a349571

  • SSDEEP

    3072:ymb3NkkiQ3mdBjFo73tvn+Yp9FrH5VBuEM:n3C9BRo7tvnJ9FvgEM

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
