General

  • Target

    c93912b5901e85e99142fcbf15a2cb596c98c5e61b52ad998f695a99f4075caaN.exe

  • Size

    3.7MB

  • Sample

    241202-p42c7azlel

  • MD5

    0471825561814a2acc015825ab2e3f70

  • SHA1

    3bfeae5057bb1675b973b2cedf00107fec01aede

  • SHA256

    c93912b5901e85e99142fcbf15a2cb596c98c5e61b52ad998f695a99f4075caa

  • SHA512

    8078cd0d3c22bfdde2076614ed87f89a7fad208ad21c2c29afb7088c87ba3825a69ee82c471f952dfff60d71faad1a580de5319c22c87b2a5c8e3d2578a6d67b

  • SSDEEP

    49152:gCOfN6X5tLLQTg20ITS/PPs/1kS4eKRL/SRsj0Zuur1T75YqVUrmNF98/:U6XLq/qPPslzKx/dJg1ErmNy

Targets

    • Blackmoon family

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Njrat family

    • njRAT/Bladabindi

      Widely used RAT written in .NET.

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified version of it.