General

  • Target

    170953b83c2da9f5455e285a058ec836bd519b7464182e5dc92911e03e78c093N

  • Size

    454KB

  • Sample

    241109-zl7glavlek

  • MD5

    98fb189ef0a3c35c0383ca6e067e70e0

  • SHA1

    966d78f6e794336a39299e8c98a224dc6ebc7c52

  • SHA256

    170953b83c2da9f5455e285a058ec836bd519b7464182e5dc92911e03e78c093

  • SHA512

    24e62f331dfed160a382e75721afcdded20d6a5918ebfb98be3d38b99cfde068c7de59cb79aa0479121a4ba18050ea1411e5d48074a89978c770004dda57447f

  • SSDEEP

    6144:8cm7ImGddXmNt251UriZFwfsDX2UznsaFVNJCMKAben:q7Tc2NYHUrAwfMp3CDn

Malware Config

Targets

    • Target

      170953b83c2da9f5455e285a058ec836bd519b7464182e5dc92911e03e78c093N

    • Size

      454KB

    • MD5

      98fb189ef0a3c35c0383ca6e067e70e0

    • SHA1

      966d78f6e794336a39299e8c98a224dc6ebc7c52

    • SHA256

      170953b83c2da9f5455e285a058ec836bd519b7464182e5dc92911e03e78c093

    • SHA512

      24e62f331dfed160a382e75721afcdded20d6a5918ebfb98be3d38b99cfde068c7de59cb79aa0479121a4ba18050ea1411e5d48074a89978c770004dda57447f

    • SSDEEP

      6144:8cm7ImGddXmNt251UriZFwfsDX2UznsaFVNJCMKAben:q7Tc2NYHUrAwfMp3CDn

    • Blackmoon family

    • Blackmoon, KrBanker

      Blackmoon also known as KrBanker is banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks