General

  • Target

    c12c1d6cea70c96a845b3030779adedf4f3794b78f9f297fc4bf3e951dcea4a8N

  • Size

    454KB

  • Sample

    241102-zlrfdavgnq

  • MD5

    5c398355747afc4b803553867206f640

  • SHA1

    565be416e733f0a79671c075b6d52b27a9d94953

  • SHA256

    c12c1d6cea70c96a845b3030779adedf4f3794b78f9f297fc4bf3e951dcea4a8

  • SHA512

    869d8e85765325a9ff39c76c56bb2cd70b3deebd3d1ff99efdfe8d62beef20133078edf0604d3f437fdcfe984090e53e834a8a9ecf266eca3d9e60bd41010ba2

  • SSDEEP

    6144:8cm7ImGddXmNt251UriZFwfsDX2UznsaFVNJCMKAbeRv:q7Tc2NYHUrAwfMp3CDRv

Targets

    • Target

      c12c1d6cea70c96a845b3030779adedf4f3794b78f9f297fc4bf3e951dcea4a8N

    • Blackmoon family

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
