General

  • Target

    2f91cbfb91b470fd611028e1fc5b34a32a8ae03c1e8d440434c0c49cc723c2ee

  • Size

    453KB

  • Sample

    241102-zydp2svnas

  • MD5

    0d79e6efc7be378bea83f05cf8f07a94

  • SHA1

    c1c9061bbc2c55ac3cad286551d47a4517ee98e4

  • SHA256

    2f91cbfb91b470fd611028e1fc5b34a32a8ae03c1e8d440434c0c49cc723c2ee

  • SHA512

    ee60fee4d332d50fabd1dfe0f5c91bf4d04cac5c26a6f0427c936f60c7d2003e7e7bd9e71da49609df04d35861ba45add6fab8e4d5a75b5e36903a63984682db

  • SSDEEP

    6144:8cm7ImGddXmNt251UriZFwfsDX2UznsaFVNJCMKAbe8:q7Tc2NYHUrAwfMp3CD8

Targets

    • Blackmoon family

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
