General

  • Target

    13c96d1e32de79d2a280712f67183e62f8dfd1b18e2fc609ed8e9da9a0e556e1

  • Size

    332KB

  • Sample

    241122-ymvczsxncz

  • MD5

    f66e32ae53325232d1d14d721fbc2f6b

  • SHA1

    0686dc81ac94ace7db64d89e7eff3c847f01f036

  • SHA256

    13c96d1e32de79d2a280712f67183e62f8dfd1b18e2fc609ed8e9da9a0e556e1

  • SHA512

    55cff182fdfcd5c58a40fb92fcd91f8a7f91f749c109e4e14a1e0ae39896ff236eb3c386b00acbf520be2ab9970be8c99cfbeaaa1e2c3572358193f4b7177fde

  • SSDEEP

    6144:Lcm4FmowdHoSHt251UriZFwfsDX2UznsaFVNJCMKAbeR:R4wFHoSHYHUrAwfMp3CDR

Targets

    • Blackmoon family

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
