General

  • Target

    8ab6c819841b4f00c3ce622ba2207b2a7c69d68de982542c29c76920aff6f479

  • Size

    454KB

  • Sample

    241223-azwvkssqeq

  • MD5

    38b9ab2ef5fdb731341c869d37e0c3d5

  • SHA1

    29a435a76c4e72b2ec75ed162b547b5e2a161074

  • SHA256

    8ab6c819841b4f00c3ce622ba2207b2a7c69d68de982542c29c76920aff6f479

  • SHA512

    df816ad040bb82870b8376662743eed5b27ab062a71452ea6818784f8db068dbc256bb901fbbcb7ba58b6bdab7dea06922e8142146eff7c30b572914bd6cc29b

  • SSDEEP

    6144:8cm7ImGddXmNt251UriZFwfsDX2UznsaFVNJCMKAbeE:q7Tc2NYHUrAwfMp3CDE

Malware Config

Targets

    • Blackmoon family

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks