General

  • Target

    ae2c769cd1db718e8d4cd488d517941b1a8e3a3926d504bcd1841cf946f94dc4

  • Size

    3.7MB

  • Sample

    241104-dvpggssdmh

  • MD5

    ae0fc95b71170c92dc1df2f92664a50f

  • SHA1

    3cfe597bf7564404a7a67c987cd1d70416d6a4c4

  • SHA256

    ae2c769cd1db718e8d4cd488d517941b1a8e3a3926d504bcd1841cf946f94dc4

  • SHA512

    02cad3cd87ce608c941149542bff752e99030c33f032278e91c43ee013d0fd1ea36f3a96e1a4d6860378d9cc6e2f7eadc41b1a09a5ad87751ec4d8b4d29ab40f

  • SSDEEP

    49152:gCOfN6X5tLLQTg20ITS/PPs/1kS4eKRL/SRsj0Zuur1T75YqVUrmNF981:U6XLq/qPPslzKx/dJg1ErmNo

Malware Config

Targets

    • Target

      ae2c769cd1db718e8d4cd488d517941b1a8e3a3926d504bcd1841cf946f94dc4

    • Size

      3.7MB

    • MD5

      ae0fc95b71170c92dc1df2f92664a50f

    • SHA1

      3cfe597bf7564404a7a67c987cd1d70416d6a4c4

    • SHA256

      ae2c769cd1db718e8d4cd488d517941b1a8e3a3926d504bcd1841cf946f94dc4

    • SHA512

      02cad3cd87ce608c941149542bff752e99030c33f032278e91c43ee013d0fd1ea36f3a96e1a4d6860378d9cc6e2f7eadc41b1a09a5ad87751ec4d8b4d29ab40f

    • SSDEEP

      49152:gCOfN6X5tLLQTg20ITS/PPs/1kS4eKRL/SRsj0Zuur1T75YqVUrmNF981:U6XLq/qPPslzKx/dJg1ErmNo

    • Blackmoon family

    • Blackmoon, KrBanker

      Blackmoon also known as KrBanker is banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Njrat family

    • njRAT/Bladabindi

      Widely used RAT written in .NET.

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks