General

  • Target

    c24d6c82104c978c9be1e3cf61a3a21f580cb6cc2b29f2c868fe7a3cb9d52de3

  • Size

    454KB

  • Sample

    250108-jjc7zasnhk

  • MD5

    566214a86f4b61209f354ca48a26d6ba

  • SHA1

    5473dd7d56e2fe683c45ef6b438e4871896609a7

  • SHA256

    c24d6c82104c978c9be1e3cf61a3a21f580cb6cc2b29f2c868fe7a3cb9d52de3

  • SHA512

    8b498de2f7b6442e3b2ab3555f1c0b8644e1b5aed367a71b2f25e55a5e76d50697ad30f86f234af0000d79ef9501f160cf78a3d628e3e7cd0add73a7f90c2de5

  • SSDEEP

    6144:8cm7ImGddXmNt251UriZFwfsDX2UznsaFVNJCMKAbek:q7Tc2NYHUrAwfMp3CDk

Malware Config

Targets

    • Blackmoon family

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks