General

  • Target

    86bf2787fcb1b9cd5c62a6714d25177f2535be104877d744929bbac833c00cd3.exe

  • Size

    456KB

  • Sample

    241226-cgn35atpfv

  • MD5

    61bee24192605ddde54ac752eed43eb6

  • SHA1

    49cddfb4e2cc7fe3b8a2f0c375425cb31eed6dc2

  • SHA256

    86bf2787fcb1b9cd5c62a6714d25177f2535be104877d744929bbac833c00cd3

  • SHA512

    20948cd5bfdd8437d93d87c997e583c8eafa81bb31c7cbb1b5c9059358fb5d8473d8350e4d2e777e6345a6b6d107fb6e697ba25bb18c5c8c34a4d22625c9cdc4

  • SSDEEP

    6144:8cm7ImGddXmNt251UriZFwfsDX2UznsaFVNJCMKAbeRR:q7Tc2NYHUrAwfMp3CDRR

Targets

    • Blackmoon family

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with the UPX open-source packer or a modified version of it.
