General

  • Target

    aab5d78c17fd5ee95510b6fa29a3001dccf2509b3fdd43a9cf57bf7fc601dbfc

  • Size

    1.3MB

  • Sample

    241110-hkddpa1hnn

  • MD5

    a339772ad45fd5d711a2f6331ef728f6

  • SHA1

    c40c6b32193eedfd9549543e201bc5590a3fdcf1

  • SHA256

    aab5d78c17fd5ee95510b6fa29a3001dccf2509b3fdd43a9cf57bf7fc601dbfc

  • SHA512

    37da1419221064bf93cfbb9c855146a61452b0798a0a98a77c964456d24b0fe2e7d4fff6739ecac89f168b20d8f3b93558bca390f547296cf631903713442105

  • SSDEEP

    24576:FHv2XRhUARvMpkFx9CwiOUb4P4b+kK4RofU9Jj6oSutcXgiotGCM0/SXf2:FHOXzRvOix9CwiOUMA+kKDfU9BdSuKfg

Targets

    • Blackmoon family

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
