General

  • Target

    8368215b5e8102d4299d8b5f7a1d4016b1a3e32f78c5e6d41e1101950c230d78

  • Size

    347KB

  • Sample

    241103-a5cnwssrhq

  • MD5

    bae67b494e5e0a504993473cec77a610

  • SHA1

    67b52a9a6e1316ab9e051c189d25cc9f061d4bb6

  • SHA256

    8368215b5e8102d4299d8b5f7a1d4016b1a3e32f78c5e6d41e1101950c230d78

  • SHA512

    7ce534655d6cd1e2c19077e4c4397e57348479f1c1a9354200f0ac76b5a0d0330dbd538bb82156972ef8af91eb81d640cba4a627a1942eafad476e52add0624f

  • SSDEEP

    6144:Xcm7ImGddXgYW5fNZWB5hFfci3Add4kGYAaC:l7TcbWXZshJX2VGdaC

Targets

    • Blackmoon family

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
