General

  • Target

    9eb5cea4d87deffe920c70c2e20717185aaf17a9e7ac539103163a4fc8dabee1

  • Size

    75KB

  • Sample

    241124-b168datlbl

  • MD5

    6a80c71d4bf36bba3919b38458520207

  • SHA1

    26ef483b9d94886f83d3e932a1133748acca31d7

  • SHA256

    9eb5cea4d87deffe920c70c2e20717185aaf17a9e7ac539103163a4fc8dabee1

  • SHA512

    06745695ee55a1ed775a892841fdc547398d025872b4397e05d23d6082e459845f3295465418b2e9340edc60ca1c5d59990fd5c8bb75654e2d56966c19278654

  • SSDEEP

    1536:9Q8hoOAesfYvcyjfS3H9yl8Q1pmdBcxedLxNDIvuzk358nLA89OGvrFVHmsh:ymb3NkkiQ3mdBjFIvl358nLA89OMFVH/

Malware Config

Targets

    • Target

      9eb5cea4d87deffe920c70c2e20717185aaf17a9e7ac539103163a4fc8dabee1

    • Size

      75KB

    • MD5

      6a80c71d4bf36bba3919b38458520207

    • SHA1

      26ef483b9d94886f83d3e932a1133748acca31d7

    • SHA256

      9eb5cea4d87deffe920c70c2e20717185aaf17a9e7ac539103163a4fc8dabee1

    • SHA512

      06745695ee55a1ed775a892841fdc547398d025872b4397e05d23d6082e459845f3295465418b2e9340edc60ca1c5d59990fd5c8bb75654e2d56966c19278654

    • SSDEEP

      1536:9Q8hoOAesfYvcyjfS3H9yl8Q1pmdBcxedLxNDIvuzk358nLA89OGvrFVHmsh:ymb3NkkiQ3mdBjFIvl358nLA89OMFVH/

    • Blackmoon family

    • Blackmoon, KrBanker

      Blackmoon also known as KrBanker is banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks