General

  • Target

    ea3af6720026336261f0bab9413ae4be0ef31a4e4fd772e6f6c25f585468e2dcN

  • Size

    48KB

  • Sample

    241104-zkwzgaxaqf

  • MD5

    1a1f64a199ba0a24d85e61e2cdf6bef0

  • SHA1

    3b48c75997ba79ed507f24b090b992931412e9fe

  • SHA256

    ea3af6720026336261f0bab9413ae4be0ef31a4e4fd772e6f6c25f585468e2dc

  • SHA512

    e31a6d1b8da6288aded723b2c4769f183e4ed858588fbe225da0b5e13fd03a837017a2c7d1d95949c5552347ca63f078d80c790ea2cd80fc5d3ac729705e9ecd

  • SSDEEP

    1536:mAocdpeVoBDulhzHMb7xNAa04Mcg5bx7i:0cdpeeBSHHMHLf9Rybx7i

Targets

    • Blackmoon family

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE
