General

  • Target

    c6ac3075a86ba33ca902eebdd98cdd910c26f62354e00b3376f8d5daa9758161

  • Size

    335KB

  • Sample

    241219-d7h58sxjfm

  • MD5

    92268ac5d4ad9953d3ad64c6fec54977

  • SHA1

    3baffdf8d0f134a049b0ef1ceaf58a411dd38d9f

  • SHA256

    c6ac3075a86ba33ca902eebdd98cdd910c26f62354e00b3376f8d5daa9758161

  • SHA512

    9f49c9245046eb0e446b92fbb3b664a21747d5f5df68bc53ab3c994c09fc4b9ce4f87e5e7a28f6973b055205aef06ded86178ba6f3bb18276a1a0c44b9673be6

  • SSDEEP

    6144:Lcm4FmowdHoSHt251UriZFwfsDX2UznsaFVNJCMKAbeRt:R4wFHoSHYHUrAwfMp3CDRt

Malware Config

Targets

    • Target

      c6ac3075a86ba33ca902eebdd98cdd910c26f62354e00b3376f8d5daa9758161

    • Blackmoon family

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks