General

  • Target

    7a7a672064c0cb2c6c83277c7c12d76833c8d1c7a331fc04a06ce22cc030b855

  • Size

    454KB

  • Sample

    241223-2hxt4atnhj

  • MD5

    e9d2fcb199de9aa37ac5a6a763b3db5d

  • SHA1

    18caafcfc0a2881d2cfd896dd5fe7ba4a87f4643

  • SHA256

    7a7a672064c0cb2c6c83277c7c12d76833c8d1c7a331fc04a06ce22cc030b855

  • SHA512

    d4e8656c7ae6f637e7ff0e05e833ce060d39caeb4c9648be0633c2b359e1b24928fa4cdd728bf42e7a52287c9533fb17aacfcfc3539accad6cd56e34e21dbd25

  • SSDEEP

    6144:8cm7ImGddXmNt251UriZFwfsDX2UznsaFVNJCMKAben:q7Tc2NYHUrAwfMp3CDn

Malware Config

Targets

    • Target

      7a7a672064c0cb2c6c83277c7c12d76833c8d1c7a331fc04a06ce22cc030b855

    • Size

      454KB

    • MD5

      e9d2fcb199de9aa37ac5a6a763b3db5d

    • SHA1

      18caafcfc0a2881d2cfd896dd5fe7ba4a87f4643

    • SHA256

      7a7a672064c0cb2c6c83277c7c12d76833c8d1c7a331fc04a06ce22cc030b855

    • SHA512

      d4e8656c7ae6f637e7ff0e05e833ce060d39caeb4c9648be0633c2b359e1b24928fa4cdd728bf42e7a52287c9533fb17aacfcfc3539accad6cd56e34e21dbd25

    • SSDEEP

      6144:8cm7ImGddXmNt251UriZFwfsDX2UznsaFVNJCMKAben:q7Tc2NYHUrAwfMp3CDn

    • Blackmoon family

    • Blackmoon, KrBanker

      Blackmoon also known as KrBanker is banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks