General

  • Target

    8b87325a2d0fb7ca4486751ac48f08d76c3090bd5bd3d783a01f31a640627537N

  • Size

    69KB

  • Sample

    241109-vdzpkaybmd

  • MD5

    ee741af85d582f2a983a39b547459610

  • SHA1

    e07128fd7719551945a7263f0db90c350100f535

  • SHA256

    8b87325a2d0fb7ca4486751ac48f08d76c3090bd5bd3d783a01f31a640627537

  • SHA512

    92c7dba1972e8111f147836d96bc9cdb9b79e9c62789ce31c986d05a07b84713238b7aab65b39ad528b706b460ff7284532da09463d9f25b6a79169194189cef

  • SSDEEP

    1536:9Q8hoOAesfYvcyjfS3H9yl8Q1pmdBcxedLxNDIsIoAcq:ymb3NkkiQ3mdBjFIsIVcq

Targets

    • Blackmoon family

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
