General

  • Target

    2929c380db2968562f25d6fc7b7d492f53fc669c6ce6d957538676abaa1ab628

  • Size

    453KB

  • Sample

    241102-zntzaavhkk

  • MD5

    896c82b4fee601ac6ba0c5cc92a4fe57

  • SHA1

    17db1a575d1c4a2a6f088054ee977bb3d7662afa

  • SHA256

    2929c380db2968562f25d6fc7b7d492f53fc669c6ce6d957538676abaa1ab628

  • SHA512

    3d4dc20f6a87a36576c5c05082612a3db7a815f0ba57cdfb653e63c942d77c85898f98490f00b61a76dad02581e04c09cd81e9d851fd14ccc97e1f0be7cd860c

  • SSDEEP

    6144:8cm7ImGddXmNt251UriZFwfsDX2UznsaFVNJCMKAbet/:q7Tc2NYHUrAwfMp3CDt/

Malware Config

Targets

    • Target

      2929c380db2968562f25d6fc7b7d492f53fc669c6ce6d957538676abaa1ab628

    • Size

      453KB

    • MD5

      896c82b4fee601ac6ba0c5cc92a4fe57

    • SHA1

      17db1a575d1c4a2a6f088054ee977bb3d7662afa

    • SHA256

      2929c380db2968562f25d6fc7b7d492f53fc669c6ce6d957538676abaa1ab628

    • SHA512

      3d4dc20f6a87a36576c5c05082612a3db7a815f0ba57cdfb653e63c942d77c85898f98490f00b61a76dad02581e04c09cd81e9d851fd14ccc97e1f0be7cd860c

    • SSDEEP

      6144:8cm7ImGddXmNt251UriZFwfsDX2UznsaFVNJCMKAbet/:q7Tc2NYHUrAwfMp3CDt/

    • Blackmoon family

    • Blackmoon, KrBanker

      Blackmoon also known as KrBanker is banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks