General

  • Target

    46b844698444932a3f24015f7e46d1637b4923a8a659f86654eed9edb6aad60f

  • Size

    346KB

  • Sample

    241223-zyfjms1pbp

  • MD5

    f8a64f2c4b35529bdda5e88e089e03c4

  • SHA1

    fe302e141d1cbcf237d3558405b58764836518df

  • SHA256

    46b844698444932a3f24015f7e46d1637b4923a8a659f86654eed9edb6aad60f

  • SHA512

    b8591bc63110e72cbff2c13101e6ca736f8c3bb2609c090b0569de24e1d9f391661b5dffc3803653787d05868d5f420b8eccc8f0781ea732820c32c42648842b

  • SSDEEP

    6144:Xcm7ImGddXgYW5fNZWB5hFfci3Add4kGYAt:l7TcbWXZshJX2VGdt

Targets

    • Blackmoon family

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
