General

  • Target

    642b6c52b29a090b4acef85c8c9f287394ccbe718411c3d801a0f6238c8f8d61

  • Size

    453KB

  • Sample

    241122-arkscazrdx

  • MD5

    43329281f879a335bbbfb81dae3dcc5f

  • SHA1

    67ea86f7a992c3c7754e850ee448c66d57ad4d1f

  • SHA256

    642b6c52b29a090b4acef85c8c9f287394ccbe718411c3d801a0f6238c8f8d61

  • SHA512

    4fe6cd4b4a93fcba6581035773876557a4d9818845809fd0b8c77d22859fccc92e487e7656c017efc04f2396f7a0f47211a31cf38e3b76d6ab43c9e91f02491f

  • SSDEEP

    6144:8cm7ImGddXmNt251UriZFwfsDX2UznsaFVNJCMKAbeE:q7Tc2NYHUrAwfMp3CDE

Targets

    • Blackmoon family

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
