General

  • Target

    0e47697cc018cac9753c083ebfcc583d237d392176112ee8fb920b7580566504N

  • Size

    392KB

  • Sample

    241110-htqelssbjq

  • MD5

    ebb655de5082b95744d6a20b298aa5c0

  • SHA1

    a9f4da09c405c66d7d8164f9f5746b40a37fd50b

  • SHA256

    0e47697cc018cac9753c083ebfcc583d237d392176112ee8fb920b7580566504

  • SHA512

    c56de12451d4641d7228bd2a8c8052bdc05776e6bf6b5b798c53310526f23c8a5ae88e1016d3faa9cab4c2c7796c1d55933ddb1d7f55cb84498d1832c5963a91

  • SSDEEP

    6144:Acm7ImGddX5WrXF5lpKGYV0aTk/BO0XJm4UEPOshN/xdKnvP48bmj:m7TcJWjdpKGATTk/jYIOWN/KnnPg

Targets

    • Blackmoon family

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
