General

  • Target

    abc0b6f266b6acbaa0b4a48d4e4d6c29f60dec9aa30351cbfbbc60235584b921N

  • Size

    79KB

  • Sample

    241030-xm664szcmq

  • MD5

    894b701a3fa81e0e89ae705e54c6c490

  • SHA1

    fdd490e6aa561fbc22a318738f6f44016ca0e86d

  • SHA256

    abc0b6f266b6acbaa0b4a48d4e4d6c29f60dec9aa30351cbfbbc60235584b921

  • SHA512

    5abfcc7e5de6f0d3772109d26c10464feaa6c6a5dc9ca6aa16a7083af30b8888ec0a1d415bf8446d2d20caefb4a2bf0bccae9e6a7a4381038c0612b98e27335f

  • SSDEEP

    1536:9Q8hoOAesfYvcyjfS3H9yl8Q1pmdBcxedLxND+3T4+C2iJvRirE0Dm5r/zX:ymb3NkkiQ3mdBjF+3TU2iBRioSMrLX

Targets

    • Blackmoon family

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
