General

  • Target

    42ddc45555cfa2356c7590c6c37226bb9ee951bdc69d0f81439479024a73a8db

  • Size

    331KB

  • Sample

    241018-zvdwmszepl

  • MD5

    4916f3e11b398681f91c574d3c408324

  • SHA1

    d77650569a42b63a5035490091447723cf68297a

  • SHA256

    42ddc45555cfa2356c7590c6c37226bb9ee951bdc69d0f81439479024a73a8db

  • SHA512

    53ebfa676c616f60c2109ab31c5489653112e5d8e63fc1f7640c7538b7630220b94ccdd34b4e148539a42c44c40e7eb9ffa85878a6b262f7b1cb248760171fdb

  • SSDEEP

    6144:Lcm4FmowdHoSHt251UriZFwfsDX2UznsaFVNJCMKAbe7:R4wFHoSHYHUrAwfMp3CD7

Malware Config

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks