General

  • Target

    e5625c489c1e0bf709ed0520213100249eae350169b291faf8d1554b0f0e2a6fN

  • Size

    3.7MB

  • Sample

    241030-sh3kxawclc

  • MD5

    e43ed5e8cbf3fc1c2be1cfd902a42610

  • SHA1

    3c8127f9e677b7a290948b1710d185969959b493

  • SHA256

    e5625c489c1e0bf709ed0520213100249eae350169b291faf8d1554b0f0e2a6f

  • SHA512

    85196882da91d9904abd981761fe10ab13ad3cb0c15e452dad0fcee6e5b59b693139714dcc4dc8b7caf4583a5959742176c91b1447f5e15258f7f30702baff59

  • SSDEEP

    49152:gCOfN6X5tLLQTg20ITS/PPs/1kS4eKRL/SRsj0Zuur1T75YqVUrmNF98g:U6XLq/qPPslzKx/dJg1ErmNj

Malware Config

Targets

    • Target

      e5625c489c1e0bf709ed0520213100249eae350169b291faf8d1554b0f0e2a6fN

    • Size

      3.7MB

    • MD5

      e43ed5e8cbf3fc1c2be1cfd902a42610

    • SHA1

      3c8127f9e677b7a290948b1710d185969959b493

    • SHA256

      e5625c489c1e0bf709ed0520213100249eae350169b291faf8d1554b0f0e2a6f

    • SHA512

      85196882da91d9904abd981761fe10ab13ad3cb0c15e452dad0fcee6e5b59b693139714dcc4dc8b7caf4583a5959742176c91b1447f5e15258f7f30702baff59

    • SSDEEP

      49152:gCOfN6X5tLLQTg20ITS/PPs/1kS4eKRL/SRsj0Zuur1T75YqVUrmNF98g:U6XLq/qPPslzKx/dJg1ErmNj

    • Blackmoon family

    • Blackmoon, KrBanker

      Blackmoon also known as KrBanker is banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Njrat family

    • njRAT/Bladabindi

      Widely used RAT written in .NET.

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks