General

  • Target

    8e5d3321d4edb02e73c5bdc8fa68eada313c8bf2fecaa25ecca6e97b4d4e80f0N

  • Size

    335KB

  • Sample

    241110-hjfgnasbla

  • MD5

    bf1878b2283eb03420ff43380f01dcf0

  • SHA1

    48f8a7b2c3b1ce02884e537ccb27f7935bd9a86d

  • SHA256

    8e5d3321d4edb02e73c5bdc8fa68eada313c8bf2fecaa25ecca6e97b4d4e80f0

  • SHA512

    e590d6e302cc911416e52fac4302bbb2dbf477a5d3a219b582642a86510e06e12b4fdef363fe4e323af800c7035f79535dc3b16620abf36e2bbbbd10e7c053ae

  • SSDEEP

    6144:3cm7ImGddXsJdJIjaRleL42bL37BoTPkhu9gX5yGsTshQc8R0nxA5ij8+RC7tPh9:F7Tc8JdSjylh2b77BoTMA9gX59sTsuTN

Targets

    • Blackmoon family

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
