General

  • Target

    c665faee6f58ecab516b0558c608a51c53de81c085dba3cb88145802118a9678

  • Size

    454KB

  • Sample

    241223-deex4svkh1

  • MD5

    3fb5a98edeadf8ebe864ffb15eb38127

  • SHA1

    90cd09ff227538ecf13bfb81584ee945f0a6072f

  • SHA256

    c665faee6f58ecab516b0558c608a51c53de81c085dba3cb88145802118a9678

  • SHA512

    5bac707f6fe5a6deaaa2e0388bf24c4338536323878ff45d16ca96a4aaed64dc04eeba4ef4006c3555edcd87e184408906bbaed7d6c352cc6076731503e7139d

  • SSDEEP

    6144:8cm7ImGddXmNt251UriZFwfsDX2UznsaFVNJCMKAbeS:q7Tc2NYHUrAwfMp3CDS

Malware Config

Targets

    • Target

      c665faee6f58ecab516b0558c608a51c53de81c085dba3cb88145802118a9678

    • Size

      454KB

    • MD5

      3fb5a98edeadf8ebe864ffb15eb38127

    • SHA1

      90cd09ff227538ecf13bfb81584ee945f0a6072f

    • SHA256

      c665faee6f58ecab516b0558c608a51c53de81c085dba3cb88145802118a9678

    • SHA512

      5bac707f6fe5a6deaaa2e0388bf24c4338536323878ff45d16ca96a4aaed64dc04eeba4ef4006c3555edcd87e184408906bbaed7d6c352cc6076731503e7139d

    • SSDEEP

      6144:8cm7ImGddXmNt251UriZFwfsDX2UznsaFVNJCMKAbeS:q7Tc2NYHUrAwfMp3CDS

    • Blackmoon family

    • Blackmoon, KrBanker

      Blackmoon also known as KrBanker is banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks