General

  • Target

    a46b742425db56d3eb923b0a4eb686771c26e9a5979c86027215ec54e8a2f2d9

  • Size

    453KB

  • Sample

    241223-b462satlhs

  • MD5

    6f15a998b54aa1da248ae4e9f5881417

  • SHA1

    fa2fdacc0902d688f6f7ec88d7d42ab38cde75e6

  • SHA256

    a46b742425db56d3eb923b0a4eb686771c26e9a5979c86027215ec54e8a2f2d9

  • SHA512

    d9ae53aeffb4e018661274b9b7757e6d03782902cebe00bf6dcd2d489fa7b0ed3b6af9210eb6f1aba9c31e660f8ab9af7b09bad1c9f4d78bafc5562c1ff9e62e

  • SSDEEP

    6144:8cm7ImGddXmNt251UriZFwfsDX2UznsaFVNJCMKAbey:q7Tc2NYHUrAwfMp3CDy

Malware Config

Targets

    • Target

      a46b742425db56d3eb923b0a4eb686771c26e9a5979c86027215ec54e8a2f2d9

    • Size

      453KB

    • MD5

      6f15a998b54aa1da248ae4e9f5881417

    • SHA1

      fa2fdacc0902d688f6f7ec88d7d42ab38cde75e6

    • SHA256

      a46b742425db56d3eb923b0a4eb686771c26e9a5979c86027215ec54e8a2f2d9

    • SHA512

      d9ae53aeffb4e018661274b9b7757e6d03782902cebe00bf6dcd2d489fa7b0ed3b6af9210eb6f1aba9c31e660f8ab9af7b09bad1c9f4d78bafc5562c1ff9e62e

    • SSDEEP

      6144:8cm7ImGddXmNt251UriZFwfsDX2UznsaFVNJCMKAbey:q7Tc2NYHUrAwfMp3CDy

    • Blackmoon family

    • Blackmoon, KrBanker

      Blackmoon also known as KrBanker is banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks