General

  • Target

    2917a8e9d5e03f35d3926606b6e0f45196d45e6c5d8c78d2f6f10feba88e0856

  • Size

    454KB

  • Sample

    241030-z2rq3s1fke

  • MD5

    d59817e400edfea6988f0658567fb8ec

  • SHA1

    adae0ef0cdf9cde1b5a34fcb6a10cc2f5b0e87bd

  • SHA256

    2917a8e9d5e03f35d3926606b6e0f45196d45e6c5d8c78d2f6f10feba88e0856

  • SHA512

    5e4c15a331f29826a5af007b873b50ef5879d1c3672c63fcf233b0641a4a9a92468c45b7045005f5e19e278eff9753c8413063f9c96789bff0a9d22cd954e23e

  • SSDEEP

    6144:8cm7ImGddXmNt251UriZFwfsDX2UznsaFVNJCMKAbeo:q7Tc2NYHUrAwfMp3CDo

Targets

    • Target

      2917a8e9d5e03f35d3926606b6e0f45196d45e6c5d8c78d2f6f10feba88e0856

    • Blackmoon family

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
