General

  • Target

    463ffa05818985f9950ee2b819577a8ae781ffd519c1a04e17e8153642300da2

  • Size

    65KB

  • Sample

    241018-zzk6hsyclb

  • MD5

    be16b64e10cd63f100a7cef57a1fde86

  • SHA1

    a70bfe9ed603f8f9170fe1bc6e840f716a9ea16c

  • SHA256

    463ffa05818985f9950ee2b819577a8ae781ffd519c1a04e17e8153642300da2

  • SHA512

    24017ea79b411410a5e1c8245e3e126aaf11ffb09db2dca3329b1f308534cdafe8e93ca94aa9e4d00bbb0d63a1c9827e51257832ea484e20952e32ed1c3b5aa7

  • SSDEEP

    1536:9Q8hoOAesfYvcyjfS3H9yl8Q1pmdBcxedLxNDI9L27h:ymb3NkkiQ3mdBjFI9w

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
