General

  • Target

    ee54a7ecd2238bbfca03b8a77c8b0df9e42fba024434006f1dcb291aad4d24f1

  • Size

    939KB

  • Sample

    241110-gfrvvazpgy

  • MD5

    2501b379b3e341177e3422c8f35438bc

  • SHA1

    1d89b709931de16641a83ccdaa435679671487b5

  • SHA256

    ee54a7ecd2238bbfca03b8a77c8b0df9e42fba024434006f1dcb291aad4d24f1

  • SHA512

    613d70f3c2750630a101326d7fd3317c97f71948196ee25fa8e8b50db75003cf7a7689171d3a85a44ec4fca49bc71de3646cd02d9a07216372e3fe3ed06c15bb

  • SSDEEP

    24576:/CoexKY5JEABpp7fw8tThRBsyeivYqazS8db:/CoYKYDESLw81RyyedqazSA

Malware Config

Targets

    • Target

      ee54a7ecd2238bbfca03b8a77c8b0df9e42fba024434006f1dcb291aad4d24f1

    • Size

      939KB

    • MD5

      2501b379b3e341177e3422c8f35438bc

    • SHA1

      1d89b709931de16641a83ccdaa435679671487b5

    • SHA256

      ee54a7ecd2238bbfca03b8a77c8b0df9e42fba024434006f1dcb291aad4d24f1

    • SHA512

      613d70f3c2750630a101326d7fd3317c97f71948196ee25fa8e8b50db75003cf7a7689171d3a85a44ec4fca49bc71de3646cd02d9a07216372e3fe3ed06c15bb

    • SSDEEP

      24576:/CoexKY5JEABpp7fw8tThRBsyeivYqazS8db:/CoYKYDESLw81RyyedqazSA

    • Blackmoon family

    • Blackmoon, KrBanker

      Blackmoon also known as KrBanker is banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks