General

  • Target

    3a160302c1f1264d8544ecf4256958839b654f9848fde7fd274f53048bc3fc80

  • Size

    8.0MB

  • Sample

    241018-zfvkvaxbpc

  • MD5

    ba7cc70e45905a72e0b2e415d6418f60

  • SHA1

    03dcc56441aff73419d8b227fa5dfd75e90cc11d

  • SHA256

    3a160302c1f1264d8544ecf4256958839b654f9848fde7fd274f53048bc3fc80

  • SHA512

    ed4b8d6a534cb59f5d48d46e9a96c657f969caf51b3d1ca08252686576be92c1965d3a89f3b3415a1df23b98ffb4dc2ade5f130efeab83c4a2eabeccd45f8a57

  • SSDEEP

    196608:Veo9Kq5/4FP0Rtta6mtsjoHZ9lvid+S+lJGpq8KNBxdd:nkSrR7mgo59S+bJGLQHn

Targets

    • Target

      3a160302c1f1264d8544ecf4256958839b654f9848fde7fd274f53048bc3fc80

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Loads dropped DLL

    • Suspicious use of NtSetInformationThreadHideFromDebugger
