General

  • Target

    3ad3895bffb24067e4bfe14ccae52711c20a90900b2d5691021264c38e428f4a

  • Size

    375KB

  • Sample

    241102-1cwt6swdmb

  • MD5

    bcb20bf0723e1efd38679191b3818f76

  • SHA1

    c831aaab7d5c840ed15c9e8f6c435d1d7f5c8f7b

  • SHA256

    3ad3895bffb24067e4bfe14ccae52711c20a90900b2d5691021264c38e428f4a

  • SHA512

    5167b536350caa2bbd83e818062a558e1ac36282ac7f4b9bccfd420ca0ac4fafdceb2a8b8ad7a1bb19366119ced2ddcf7e84aba2fb300910317bd5ddf800aef1

  • SSDEEP

    6144:9cm4FmowdHoSABIs9OKofHfHTXQLzgvnzHPowYbvrjD/L7QPbg/Dr0T3rnXLHf7T:/4wFHoSA4KofHfHTXQLzgvnzHPowYbvi

Targets

    • Target

      3ad3895bffb24067e4bfe14ccae52711c20a90900b2d5691021264c38e428f4a

    • Blackmoon family

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • Molebox Virtualization software

      Detects file using Molebox Virtualization software.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
