General

  • Target

    a636daaddbc0143f3a01d46230662f125ccdfdce2613643fa9cdb67fa460a9b5.exe

  • Size

    3.7MB

  • Sample

    241218-2v5qgavrcs

  • MD5

    4062f74bf62046004298ebcb3629f2d4

  • SHA1

    9f7d9c6ee3f7881ba821fb7e2ab44004cc73afe8

  • SHA256

    a636daaddbc0143f3a01d46230662f125ccdfdce2613643fa9cdb67fa460a9b5

  • SHA512

    a580ea4e5491135652c054ae252638b57636fea294bd2406d5a7920a5274caeb3c03cc38ab21f29b9fa33e6469e1ae70add16a1c3abf6d7079f7922e3a4f9058

  • SSDEEP

    49152:gCOfN6X5tLLQTg20ITS/PPs/1kS4eKRL/SRsj0Zuur1T75YqVUrmNF98+:U6XLq/qPPslzKx/dJg1ErmNd

Malware Config

Targets

    • Blackmoon family

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Njrat family

    • njRAT/Bladabindi

      Widely used RAT written in .NET.

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX or a modified version of the open-source UPX packer.

MITRE ATT&CK Enterprise v15

Tasks