General

  • Target

    eba985827b206ab3935fee6c61738abfe20163df892f1ff3c225e896789ebfeaN

  • Size

    455KB

  • Sample

    241109-1mc5tatajm

  • MD5

    0e4f3aab67a61fd35812a63dcb7e0c10

  • SHA1

    42d341bdd2a410137ebc93fe162311a3a43a19ca

  • SHA256

    eba985827b206ab3935fee6c61738abfe20163df892f1ff3c225e896789ebfea

  • SHA512

    293d81f77f23995bc60ca5e44783aca8edaf3eca32fc04d1cad57d6a6a9c5a38ea1e29255f822727e350d148e1519bc49d2887af0dc1f9ab7aeb1fdab5277b08

  • SSDEEP

    6144:8cm7ImGddXmNt251UriZFwfsDX2UznsaFVNJCMKAbeR3:q7Tc2NYHUrAwfMp3CDR3

Targets

    • Blackmoon family

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
