General

  • Target

    09a1f1c831b643c1e0de2bc71e44beef401b8b7853296b077183a07dacca0713N

  • Size

    60KB

  • Sample

    241109-rmtccsyndl

  • MD5

    e89bff9998c894821d8e6e4f60a129c0

  • SHA1

    d76bc3379994c3f75d96455f1fd78492f179b9c3

  • SHA256

    09a1f1c831b643c1e0de2bc71e44beef401b8b7853296b077183a07dacca0713

  • SHA512

    2193ad49d848b95b9cbeb29f7c55b22bf6fc140332bdddc97c4c78210a50cd456213f605950ec00a7fc21ef08bf9e63ff2a230c650460234a1fdb7ff7aa2c575

  • SSDEEP

    1536:9Q8hoOAesfYvcyjfS3H9yl8Q1pmdBcxedLxNDIFgja:ymb3NkkiQ3mdBjFIF2a

Targets

    • Blackmoon family

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
