General

  • Target

    c2c7a57024071e3ec41e4b7a514779c6fc474dc18a66e8a5d127f72efbbfb971

  • Size

    335KB

  • Sample

    241224-bq6h4axnh1

  • MD5

    c7e65263044b25374e11257a6d551e1e

  • SHA1

    fb642cbbbcd2a2c74e6cbe5012e9be3bcfb66423

  • SHA256

    c2c7a57024071e3ec41e4b7a514779c6fc474dc18a66e8a5d127f72efbbfb971

  • SHA512

    7a6e24486a6cf1adda67fd072edffc23b689ed0e9be95d7a7bf306f34c973a808beb648891dd12c5722948b421b52a80180346ac81ee1f2ee7550fa6b2c2d5c1

  • SSDEEP

    6144:3cm7ImGddXsJdJIjaRleL42bL37BoTPkhu9gX5yGsTshQc8R0nxA5ij8+RC7tPhR:F7Tc8JdSjylh2b77BoTMA9gX59sTsuTB

Malware Config

Targets

    • Blackmoon family

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX or a modified UPX open-source packer.

MITRE ATT&CK Enterprise v15

Tasks