General

  • Target

    8ecb8a49b5cf742f42e5c4c786d5b72c22c857a2944cf4af7ea69a76c0454c47

  • Size

    453KB

  • Sample

    241223-3g7hksvpbn

  • MD5

    1e3bb767d7287c1473fb2d9b9529736f

  • SHA1

    86f3675f465380c75eebcbe98eeb10128bef3e40

  • SHA256

    8ecb8a49b5cf742f42e5c4c786d5b72c22c857a2944cf4af7ea69a76c0454c47

  • SHA512

    4f91bf2aacb4174b6794ba2c186fb522ff31789e45ab6ebc407c60fa1418811b14a4243823b9679acb5f6c75ff40448b8c93e0d07e18798f7cdd8e3831ceec90

  • SSDEEP

    6144:8cm7ImGddXmNt251UriZFwfsDX2UznsaFVNJCMKAbeP:q7Tc2NYHUrAwfMp3CDP

Targets

    • Blackmoon family

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
