General

  • Target

    5b0489892f5d9cd364a733f7cb8c3a1ec82b0b926eccdc9041d69e34658db4d4N

  • Size

    454KB

  • Sample

    241031-a88whawrgk

  • MD5

    15f8dd914a3ac5f34690258ff6d0aac0

  • SHA1

    8b8c509db85dd444b3be76daf9866fa109086b49

  • SHA256

    5b0489892f5d9cd364a733f7cb8c3a1ec82b0b926eccdc9041d69e34658db4d4

  • SHA512

    4d5fc38f100e43d3e6b8ffcbbb6058486f08a2b0c43bf6114092425ece7b629e0aa9fef062cfcf8a504948564722e98964aa0f9290f2bd929f6fcd6b7a2cd29d

  • SSDEEP

    6144:8cm7ImGddXmNt251UriZFwfsDX2UznsaFVNJCMKAbe6:q7Tc2NYHUrAwfMp3CD6

Targets

    • Target

      5b0489892f5d9cd364a733f7cb8c3a1ec82b0b926eccdc9041d69e34658db4d4N

    • Blackmoon family

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
