General

  • Target

    4ec200b1e8fcdbd55e44610c1d73482d8b3b96f5c24be9c9fd31133a7b7e6a5d.exe

  • Size

    3.7MB

  • Sample

    241219-nmm9kasqhr

  • MD5

    dd046b69e8d48ebf28c12b52eb1d4d0b

  • SHA1

    234697c421a46f588c2674bad6a0ce2328c2751e

  • SHA256

    4ec200b1e8fcdbd55e44610c1d73482d8b3b96f5c24be9c9fd31133a7b7e6a5d

  • SHA512

    cc910d67380e2f62fb26d702f11c05ef2f73035f85ac8a166571335dfc089234a6127ee273e07622cadabfc783312329464ff313df6e0fafeb79ad927d1c98e2

  • SSDEEP

    49152:gCOfN6X5tLLQTg20ITS/PPs/1kS4eKRL/SRsj0Zuur1T75YqVUrmNF98O:U6XLq/qPPslzKx/dJg1ErmNx

Targets

    • Target

      4ec200b1e8fcdbd55e44610c1d73482d8b3b96f5c24be9c9fd31133a7b7e6a5d.exe

    • Blackmoon family

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Njrat family

    • njRAT/Bladabindi

      Widely used RAT written in .NET.

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
