General

  • Target

    198cf36859ff38a88963f37737c8748f5a3aabd9d7a6b0b3c94e12e49ac2d311N

  • Size

    51KB

  • Sample

    241018-v9rc3a1grn

  • MD5

    5b8bf7213d1e02668211437da3532190

  • SHA1

    71148a1485f39bebd3c9bee7fd42a17ead74fb8b

  • SHA256

    198cf36859ff38a88963f37737c8748f5a3aabd9d7a6b0b3c94e12e49ac2d311

  • SHA512

    5fd74d6fbc7e04bcb4aaff01a6a10b37293b71d779ff51a0823364816bdf553637b3cb770b39f6dca0c6a8dac9f273a930818353be52ca70b1ac17c66577c95e

  • SSDEEP

    1536:mAocdpeVoBDulhzHMb7xNAa04Mcg5IKvXC:0cdpeeBSHHMHLf9RyIKC

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE
