General

  • Target

    11ecf8d25ce7007f207c0d1f2323ce60577a183d1ec9830c53798b42f8fdd06a

  • Size

    454KB

  • Sample

    241223-ycs26synex

  • MD5

    26e47a741468ae2447aef83a6c757333

  • SHA1

    67b02a8d491a13031954390fd8a9582871f85c92

  • SHA256

    11ecf8d25ce7007f207c0d1f2323ce60577a183d1ec9830c53798b42f8fdd06a

  • SHA512

    05d40185474e5a31b99516b60af9e2c528e00fce7979564ce9c1eefa7033cea75c3d3e01721bbdd0a0f8e672f0d3e2ac47cbae7be11aabc39b0f04574a596c15

  • SSDEEP

    6144:8cm7ImGddXmNt251UriZFwfsDX2UznsaFVNJCMKAbeH2:q7Tc2NYHUrAwfMp3CDH2

Malware Config

Targets

    • Target

      11ecf8d25ce7007f207c0d1f2323ce60577a183d1ec9830c53798b42f8fdd06a

    • Size

      454KB

    • MD5

      26e47a741468ae2447aef83a6c757333

    • SHA1

      67b02a8d491a13031954390fd8a9582871f85c92

    • SHA256

      11ecf8d25ce7007f207c0d1f2323ce60577a183d1ec9830c53798b42f8fdd06a

    • SHA512

      05d40185474e5a31b99516b60af9e2c528e00fce7979564ce9c1eefa7033cea75c3d3e01721bbdd0a0f8e672f0d3e2ac47cbae7be11aabc39b0f04574a596c15

    • SSDEEP

      6144:8cm7ImGddXmNt251UriZFwfsDX2UznsaFVNJCMKAbeH2:q7Tc2NYHUrAwfMp3CDH2

    • Blackmoon family

    • Blackmoon, KrBanker

      Blackmoon also known as KrBanker is banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks