General

  • Target

    a650db69d805c629016e5705102f67b67ad7d55b8adcd2647b048d01f3aab36c

  • Size

    454KB

  • Sample

    241223-cacrhstpfp

  • MD5

    f8f6ec6fadaf04363fd0418180be5de2

  • SHA1

    38e5b815fa41c5809c14e98a5ea577ed524661a9

  • SHA256

    a650db69d805c629016e5705102f67b67ad7d55b8adcd2647b048d01f3aab36c

  • SHA512

    99f2e9b4e8db08abe7a1ee59ae39871863bbb04fbeed8799f1883d242791492bfd60470878c1c52152775ce3ffa86452df8cac4d92c581e16358543a7d877e82

  • SSDEEP

    6144:8cm7ImGddXmNt251UriZFwfsDX2UznsaFVNJCMKAbeM:q7Tc2NYHUrAwfMp3CDM

Malware Config

Targets

    • Blackmoon family

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks