General

  • Size

    1MB

  • Sample

    220624-mg3lmabfdq

  • MD5

    f5aa803f52b91918139254834f6e21ce

  • SHA1

    d5698a1014ab1193379af75609594f2bc0e54d80

  • SHA256

    50f0d3c53631efa2b454e2a505754fad8bb2f5706d7bb88477449a188e652f68

  • SHA512

    2633a85b200e133c13874c362786716d890082cdf1ef31ce2aaaffd5f24b962a3e66337ca15dfe4c679d6aec000fb8dfbec04714850c6c3adadf9fc680aece76

Score
10/10

Malware Config

Targets

    • Target

      1.exe

    • Size

      1MB

    • MD5

      f5aa803f52b91918139254834f6e21ce

    • SHA1

      d5698a1014ab1193379af75609594f2bc0e54d80

    • SHA256

      50f0d3c53631efa2b454e2a505754fad8bb2f5706d7bb88477449a188e652f68

    • SHA512

      2633a85b200e133c13874c362786716d890082cdf1ef31ce2aaaffd5f24b962a3e66337ca15dfe4c679d6aec000fb8dfbec04714850c6c3adadf9fc680aece76

    Score
    10/10
    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • Loads dropped DLL

MITRE ATT&CK Matrix

    • Collection

    • Command and Control

    • Credential Access

    • Defense Evasion

    • Execution

    • Exfiltration

    • Impact

    • Initial Access

    • Lateral Movement

    • Persistence

    • Privilege Escalation