General

  • Target

    105b3cd7c45a69eba8b2b2509059e303bd969cb279d5eecfc3cba8449dc40f87

  • Size

    332KB

  • Sample

    241224-yddzmsvpaz

  • MD5

    718282396c93a1b834a49a61ec1caeac

  • SHA1

    6c5a47a597ecf7d48d3244e2fe5a22387231fe21

  • SHA256

    105b3cd7c45a69eba8b2b2509059e303bd969cb279d5eecfc3cba8449dc40f87

  • SHA512

    6b76f7361a43683237ea7d052a45266ab2c6dc246246db230563b4dc9d9e2560a245b99c137a222909291042512d33fa844b68c05963e7d2fc846535d4aee91d

  • SSDEEP

    6144:Lcm4FmowdHoSHt251UriZFwfsDX2UznsaFVNJCMKAbel:R4wFHoSHYHUrAwfMp3CDl

Malware Config

Targets

    • Blackmoon family

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks