General

  • Target

    615e13a5ad55ec0bb1338bf6c17b358b81bc74afeb0f0adcf1b19758dc3b0746

  • Size

    939KB

  • Sample

    241110-hs7bqssbjj

  • MD5

    8f79504228f6a4d6cf37f104f1e48836

  • SHA1

    215272e267780b30ed0e41368fa8a9a3b3bc3725

  • SHA256

    615e13a5ad55ec0bb1338bf6c17b358b81bc74afeb0f0adcf1b19758dc3b0746

  • SHA512

    72ac6d48806df25dc29bc979ab4dcec677a6480aa74af537aae8ee5a44ea899358093d35aa381e0f8a2baa8a186cdf8ffff3e8cd12ffb3d663aba9881b21673d

  • SSDEEP

    24576:/CoexKY5JEABpp7fw8tThRBsyeivYqazS8dr:/CoYKYDESLw81RyyedqazSw

Malware Config

Targets

    • Target

      615e13a5ad55ec0bb1338bf6c17b358b81bc74afeb0f0adcf1b19758dc3b0746

    • Blackmoon family

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks