General

  • Target

    403bce3a74fc6b7efaa716016e524d713591951ab27daa81ee48578cbea9797fN

  • Size

    287KB

  • Sample

    241110-dn88baxpgz

  • MD5

    0205d8957a5673ca826691dacefd7cb0

  • SHA1

    28520c1fba1f2e09432e7c211f0b5099cb0485c9

  • SHA256

    403bce3a74fc6b7efaa716016e524d713591951ab27daa81ee48578cbea9797f

  • SHA512

    9b4afe968c28fd7f3ca2a53e69cbbdfbe55a4cd90f1d0a0d28576e85a3e07548aeeb3117db252e7c3d27e68e9fa287328cb410e6482ea3ac2a05017a1d178852

  • SSDEEP

    3072:ThOm2sI93UufdC67cipfmCiiiXAQ5lpBoGYwNNhu0CzhKPJFs:Tcm7ImGddXlWrXF5lpKGYV0wh6JK

Malware Config

Targets

    • Blackmoon family

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
