General

  • Target

    109e75c5616e5d5b1e5b12d67d1a1ddd44f4b9e7eb611130f8058645e9fe2c6b.exe

  • Size

    6.2MB

  • Sample

    241110-chhyhaxblq

  • MD5

    5c5c0523e174894c2734a32e76301a35

  • SHA1

    c8ee59ce4f45a8a517c97709922ef0bcd669595e

  • SHA256

    109e75c5616e5d5b1e5b12d67d1a1ddd44f4b9e7eb611130f8058645e9fe2c6b

  • SHA512

    7ab4afe99c9d1750ef8e4204f2d9578d132e52f7f6e67ebfc078e0570fe0792b22462f7b094838c8503de3c34286f34c24bda6fae9480f412d9c344f0eb8dd0b

  • SSDEEP

    196608:SAYct5UxoOAgVHSEfY8NnuTa3s2l/64YCL3d+Hn:SHl9VVHSpDQs2p6zCJ+Hn

Malware Config

Targets

    • Target

      109e75c5616e5d5b1e5b12d67d1a1ddd44f4b9e7eb611130f8058645e9fe2c6b.exe

    • Size

      6.2MB

    • Blackmoon family

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • Loads dropped DLL

    • VMProtect packed file

      Detects executables packed with VMProtect commercial packer.

MITRE ATT&CK Enterprise v15

Tasks