General

  • Target

    ac46bf9fc6c047e8e4d9d73979684b3a45001fd5eab7c366324642ab813797afN.exe

  • Size

    3.7MB

  • Sample

    241216-hyn3cazkhw

  • MD5

    c5224cabf04d7988bc114ed5a3c097f0

  • SHA1

    3d93a72f46f9032c26a0888cb555335b536024e5

  • SHA256

    ac46bf9fc6c047e8e4d9d73979684b3a45001fd5eab7c366324642ab813797af

  • SHA512

    f36792651b161f3d4fa5114101df844a30e4ab718e1e7589a5fffb1f675698f17ca581effe5a765a34a58eea6d547fe4955bf18c2c0381c5795c7bd8dcb1a7bb

  • SSDEEP

    49152:gCOfN6X5tLLQTg20ITS/PPs/1kS4eKRL/SRsj0Zuur1T75YqVUrmNF98u:U6XLq/qPPslzKx/dJg1ErmNf

Malware Config

Targets

    • Target

      ac46bf9fc6c047e8e4d9d73979684b3a45001fd5eab7c366324642ab813797afN.exe

    • Size

      3.7MB

    • MD5

      c5224cabf04d7988bc114ed5a3c097f0

    • SHA1

      3d93a72f46f9032c26a0888cb555335b536024e5

    • SHA256

      ac46bf9fc6c047e8e4d9d73979684b3a45001fd5eab7c366324642ab813797af

    • SHA512

      f36792651b161f3d4fa5114101df844a30e4ab718e1e7589a5fffb1f675698f17ca581effe5a765a34a58eea6d547fe4955bf18c2c0381c5795c7bd8dcb1a7bb

    • SSDEEP

      49152:gCOfN6X5tLLQTg20ITS/PPs/1kS4eKRL/SRsj0Zuur1T75YqVUrmNF98u:U6XLq/qPPslzKx/dJg1ErmNf

    • Blackmoon family

    • Blackmoon, KrBanker

      Blackmoon also known as KrBanker is banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Njrat family

    • njRAT/Bladabindi

      Widely used RAT written in .NET.

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks