General

  • Target

    a1c7bcdbea7d4a27c3bb4c254cbe7fb2a93937e2ee812fdd8a255b3c15e3eef6

  • Size

    453KB

  • Sample

    241223-b56gmstmax

  • MD5

    5c608f30b7ae2164e8b1670a1e1bd270

  • SHA1

    f861e7ec850942d6b6ffca7f5f4b7774b415f12d

  • SHA256

    a1c7bcdbea7d4a27c3bb4c254cbe7fb2a93937e2ee812fdd8a255b3c15e3eef6

  • SHA512

    c1ee64d60172d901adc7e88a6c34a59d0d0df6c6d6a14b98f1f3f02b3f7a113ec15948c654594c5dbdb0f3533d998ac5ff6aaf944699be25d9676598677a87c1

  • SSDEEP

    6144:8cm7ImGddXmNt251UriZFwfsDX2UznsaFVNJCMKAbel:q7Tc2NYHUrAwfMp3CDl

Targets

    • Target

      a1c7bcdbea7d4a27c3bb4c254cbe7fb2a93937e2ee812fdd8a255b3c15e3eef6

    • Blackmoon family

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified version of it.
