General

  • Target

    220530e0d73554fed59ff62347df4aa3a9960c94eada14cb9b51bec9194e0b19N

  • Size

    70KB

  • Sample

    241030-wlaabayelf

  • MD5

    899bcffa41a085c3544e067c4123a070

  • SHA1

    0e0ac63057a9bbabfc442aaf2ea0a10269f5d716

  • SHA256

    220530e0d73554fed59ff62347df4aa3a9960c94eada14cb9b51bec9194e0b19

  • SHA512

    04eb30e588003a0073e0316ea7cc60cc98191e341195cfeb784c3533aeafb1e685cb25b753c644b02a882a46cecfd0b311948b20d486854adc7b9eb4f3bdc7ad

  • SSDEEP

    1536:9Q8hoOAesfYvcyjfS3H9yl8Q1pmdBcxedLxNDIb0z6MTSqfUcicZfx:ymb3NkkiQ3mdBjFI4V4ciK

Targets

    • Blackmoon family

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
