General

  • Target

    547100c1b96bcfafc8adfe7be1ed18f9d3e04159018e65ca13ecfe53e6c67721.exe

  • Size

    590KB

  • Sample

    241125-pypgfatmbm

  • MD5

    78e8370ba49ded9f9764a95d677c2539

  • SHA1

    8e511abd32684c0de7d5360dec2f36d48e78ebfe

  • SHA256

    547100c1b96bcfafc8adfe7be1ed18f9d3e04159018e65ca13ecfe53e6c67721

  • SHA512

    da8ce441aad0f703ec0183a4ba3ff47a78a8a9ec0a1529a42fdba75b94e4386c38e63b8e61f24a753ba7a3e9540ae2a8a4ffde0e0575a03462ec8fb28ba89789

  • SSDEEP

    6144:n3C9BRIj+ebjcSbcY+CaQdaFOY4iGFYtRdzzoyYxJAyfgayD:n3C9Lebz+xt4vFeFmgayD

Targets

    • Blackmoon family

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
