General

  • Target

    3581eb4e03b6afa2f00de70850902802208a8d408daa838cb154d7826d47efcdN

  • Size

    57KB

  • Sample

    241018-zm75hsxfma

  • MD5

    829daff2eab0d9191a8a29a10ab0edd0

  • SHA1

    6f42731231b26a59c04379888d107dbf8d123837

  • SHA256

    3581eb4e03b6afa2f00de70850902802208a8d408daa838cb154d7826d47efcd

  • SHA512

    5afd0422f526630f9e528e4ffcd8e40d754b1a1f4b57f65479493c8fc4aa260a60ef89bbf01dfa43d8a998af28c1d00add32d16d84c9b4b982b5eb538f8c1b41

  • SSDEEP

    1536:9Q8hoOAesfYvcyjfS3H9yl8Q1pmdBcxedLxNDI/RtoNg:ymb3NkkiQ3mdBjFI/ki

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified UPX.
