General

  • Target

    d63abe588b87bbbc1854f05ee027b12f613a64ebc031c71044fcefc4a0108606

  • Size

    349KB

  • Sample

    241124-egfg4asphx

  • MD5

    c127df286098c6e50dcc0f98b10238be

  • SHA1

    01493860a0e40fa19b8e9787316dc79f9db6d558

  • SHA256

    d63abe588b87bbbc1854f05ee027b12f613a64ebc031c71044fcefc4a0108606

  • SHA512

    d005189b32569ca993f161e097f60762db154c053fdd432f1c2dd3c853ffdb8399acfec88e77cef27048b4c7ddbde2e08c2cbcbf7162eda1e5c4615db3f473d1

  • SSDEEP

    6144:Xcm7ImGddXgYW5fNZWB5hFfci3Add4kGYA4K:l7TcbWXZshJX2VGd4K

Malware Config

Targets

    • Target

      d63abe588b87bbbc1854f05ee027b12f613a64ebc031c71044fcefc4a0108606

    • Size

      349KB

    • MD5

      c127df286098c6e50dcc0f98b10238be

    • SHA1

      01493860a0e40fa19b8e9787316dc79f9db6d558

    • SHA256

      d63abe588b87bbbc1854f05ee027b12f613a64ebc031c71044fcefc4a0108606

    • SHA512

      d005189b32569ca993f161e097f60762db154c053fdd432f1c2dd3c853ffdb8399acfec88e77cef27048b4c7ddbde2e08c2cbcbf7162eda1e5c4615db3f473d1

    • SSDEEP

      6144:Xcm7ImGddXgYW5fNZWB5hFfci3Add4kGYA4K:l7TcbWXZshJX2VGd4K

    • Blackmoon family

    • Blackmoon, KrBanker

      Blackmoon also known as KrBanker is banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks