General

  • Target

    9656255856587b5f72579181f5fe8ef5d050823903aa87b2808b5aa317e705a6

  • Size

    456KB

  • Sample

    241223-bghqnssrds

  • MD5

    a7578d4f7c8dfb72df0100fae741b3fc

  • SHA1

    931add9de76cb6551b46da3dd7fd153b86891aa8

  • SHA256

    9656255856587b5f72579181f5fe8ef5d050823903aa87b2808b5aa317e705a6

  • SHA512

    81f30529ff5512b938d0b24a88ab26ffeff3c38b55830dcd48b4a2088590fa6352d354aca21dfc7cbc64e1b611a9e1dab372c4e44063309daecf8fd6ebced9a7

  • SSDEEP

    6144:8cm7ImGddXmNt251UriZFwfsDX2UznsaFVNJCMKAbeRw:q7Tc2NYHUrAwfMp3CDRw

Malware Config

Targets

    • Target

      9656255856587b5f72579181f5fe8ef5d050823903aa87b2808b5aa317e705a6

    • Blackmoon family

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks