General

  • Target

    c9c434da4c867be554dc901bc1bdc4a644872762cfa8dcedce1b8f9ab6233c95

  • Size

    73KB

  • Sample

    241224-xbxhjatndt

  • MD5

    0beb9c4cf55707358a5e5c2e1b77641a

  • SHA1

    f02072332c430f92020668f2341bb8dd4ebbac4e

  • SHA256

    c9c434da4c867be554dc901bc1bdc4a644872762cfa8dcedce1b8f9ab6233c95

  • SHA512

    bb3d70e4f26336b1d672f931c3552148c667fccf4197f16f6702cb1c3e542e19899236c448e4f85bac4f2e6d4f57ac329d8d41eb003d5dcb1f9af2f2c5cd21ce

  • SSDEEP

    1536:9VFF9aowJ5k3YkrQNSUgx9g038nUyho8P8Ox6DR9hCoQZuj5oLk01JT:Xv9aowc3YYeeWUyH8OyzCoQZq5ox

Targets

    • Blackmoon family

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • FatalRat

      FatalRat is a modular infostealer family written in C++ that first appeared in June 2021.

    • Fatalrat family

    • Fatal Rat payload

    • Downloads MZ/PE file

    • Executes dropped EXE

    • Loads dropped DLL

    • VMProtect packed file

      Detects executables packed with VMProtect commercial packer.
