General

  • Target

    0778be655845d8cca2db4e8d6ee29149f0b7a2b1039f86d4009f8e5c57aa162dN

  • Size

    453KB

  • Sample

    241110-ejkjtsymd1

  • MD5

    16a1966bfa859eab4b28f530c8c5c580

  • SHA1

    e1fd6760ac0a980fbb24ae439dbef5862aa42d3c

  • SHA256

    0778be655845d8cca2db4e8d6ee29149f0b7a2b1039f86d4009f8e5c57aa162d

  • SHA512

    3289fdcee7bf1bc7a94d784d1fa7483ceabcd418ef98e7fc7d6f097ea6c019255fac4f56564c51674ee803013db38fb214da5fe7bf0e833218a6df2472a6a7c2

  • SSDEEP

    6144:8cm7ImGddXmNt251UriZFwfsDX2UznsaFVNJCMKAbeW:q7Tc2NYHUrAwfMp3CDW

Malware Config

Targets

    • Target

      0778be655845d8cca2db4e8d6ee29149f0b7a2b1039f86d4009f8e5c57aa162dN

    • Size

      453KB

    • MD5

      16a1966bfa859eab4b28f530c8c5c580

    • SHA1

      e1fd6760ac0a980fbb24ae439dbef5862aa42d3c

    • SHA256

      0778be655845d8cca2db4e8d6ee29149f0b7a2b1039f86d4009f8e5c57aa162d

    • SHA512

      3289fdcee7bf1bc7a94d784d1fa7483ceabcd418ef98e7fc7d6f097ea6c019255fac4f56564c51674ee803013db38fb214da5fe7bf0e833218a6df2472a6a7c2

    • SSDEEP

      6144:8cm7ImGddXmNt251UriZFwfsDX2UznsaFVNJCMKAbeW:q7Tc2NYHUrAwfMp3CDW

    • Blackmoon family

    • Blackmoon, KrBanker

      Blackmoon also known as KrBanker is banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks