General

  • Target

    44087ae08415466e0fa3644f6126d3c4521e1487121256311c742b410f9b583c

  • Size

    453KB

  • Sample

    241223-zvwfpa1ncr

  • MD5

    6c2363aa38f236c0cf59842c9dc4add1

  • SHA1

    b7137d103c69091fe2a0b124af8bf2599c5adad6

  • SHA256

    44087ae08415466e0fa3644f6126d3c4521e1487121256311c742b410f9b583c

  • SHA512

    fa1317022d9d692f16720c8d32e4005a2e569ae61b0ac0912c94c35ed70c6940c6f79f6cd2cb153418f83787c97160888c9d4cc5c1ba79fe54b4d6a116189855

  • SSDEEP

    6144:8cm7ImGddXmNt251UriZFwfsDX2UznsaFVNJCMKAbeN:q7Tc2NYHUrAwfMp3CDN

Targets

    • Blackmoon family

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified version of UPX.
