General

  • Target

    9c3e898b75c2fda2eedf128adbcd891a40d16b2af46cd96c4ac62cf56ce15c49

  • Size

    453KB

  • Sample

    241225-bb9xzasncw

  • MD5

    12fad5f472dce1ce739d894bf33a4508

  • SHA1

    49005eb30aee3c24bf8d887948f6da4f401732e0

  • SHA256

    9c3e898b75c2fda2eedf128adbcd891a40d16b2af46cd96c4ac62cf56ce15c49

  • SHA512

    e79ad33e02dbb27e8041fb6b99d3f568eba06cdafa5a8e1bedcd4292e608c3fa4cb1582f0b86a60bdb0193d15e789e29c7e5bd93788ed75127fe35bb7069f7e2

  • SSDEEP

    6144:8cm7ImGddXmNt251UriZFwfsDX2UznsaFVNJCMKAbe0:q7Tc2NYHUrAwfMp3CD0

Targets

    • Blackmoon family

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
