General

  • Target

    52069fabe4291f16145d88c4f2647fad7e8dc5813bb21eb924364eb584d4b631N

  • Size

    269KB

  • Sample

    241017-xyt1xs1ejg

  • MD5

    da13c9f04ce45c4b25f1becb01640ed0

  • SHA1

    374e33e3b1d131c60e5ec0af3c4f68212b94d880

  • SHA256

    52069fabe4291f16145d88c4f2647fad7e8dc5813bb21eb924364eb584d4b631

  • SHA512

    025efc6ef8e0c9fec68a24859b6c31745824af16b251f980a4c1bfe50c854b578e66c4bd7f6073a849a1be4bcd73f12140945e151f84494b8724ca276e4036d8

  • SSDEEP

    6144:Ycm4FmowdHoSgWrXF5lpKGYV0aTk/BO0XJm4UEPOshN/xdKnvP48bmx:e4wFHoSgWjdpKGATTk/jYIOWN/KnnPU

Malware Config

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified version of it.

MITRE ATT&CK Enterprise v15

Tasks