General

  • Target

    74f1d5feaec511cdcbc950055f45dedcfd84084a8d5eecf58b50eb31f89b0764

  • Size

    939KB

  • Sample

    241110-hl1kls1mgw

  • MD5

    9551d0609a31be8714bcda4023bd47ef

  • SHA1

    35caede7adb0bfd2d5f1fdc9d4184e7cec5ea02a

  • SHA256

    74f1d5feaec511cdcbc950055f45dedcfd84084a8d5eecf58b50eb31f89b0764

  • SHA512

    d9a6e9368a7fac578c317eb988fc15b000a4896b7752bcf255c42697682111705585d8669dac5a623b22a23da8593f9f8eb9d1e83d3b730b64327022c821e5ee

  • SSDEEP

    24576:/CoexKY5JEABpp7fw8tThRBsyeivYqazS8da:/CoYKYDESLw81RyyedqazSx

Targets

    • Target

      74f1d5feaec511cdcbc950055f45dedcfd84084a8d5eecf58b50eb31f89b0764

    • Blackmoon family

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • ACProtect 1.3x - 1.4x DLL software

      Detects files that use ACProtect software.

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
