General

  • Target

    544ba5a2f797db1cc789edd052ed251d29b692f19b85ec0d97fd2047411ffdbc

  • Size

    335KB

  • Sample

    241222-2ghc1s1ndm

  • MD5

    882320eab3b10774600369841adc47f5

  • SHA1

    5d4e8913529b8f2bb1c732d6632daf502b3f1867

  • SHA256

    544ba5a2f797db1cc789edd052ed251d29b692f19b85ec0d97fd2047411ffdbc

  • SHA512

    0f5914751aa1b19904cd6892387c2f67b7c5b0087b2f4410b42c3d24d48dbb74326db1b10e6329a5bdc73eac8f585b6391d43e7fec70e71b5f21ac20e7da52a7

  • SSDEEP

    6144:Lcm4FmowdHoSHt251UriZFwfsDX2UznsaFVNJCMKAbeR1:R4wFHoSHYHUrAwfMp3CDR1

Malware Config

Targets

    • Target

      544ba5a2f797db1cc789edd052ed251d29b692f19b85ec0d97fd2047411ffdbc

    • Size

      335KB

    • MD5

      882320eab3b10774600369841adc47f5

    • SHA1

      5d4e8913529b8f2bb1c732d6632daf502b3f1867

    • SHA256

      544ba5a2f797db1cc789edd052ed251d29b692f19b85ec0d97fd2047411ffdbc

    • SHA512

      0f5914751aa1b19904cd6892387c2f67b7c5b0087b2f4410b42c3d24d48dbb74326db1b10e6329a5bdc73eac8f585b6391d43e7fec70e71b5f21ac20e7da52a7

    • SSDEEP

      6144:Lcm4FmowdHoSHt251UriZFwfsDX2UznsaFVNJCMKAbeR1:R4wFHoSHYHUrAwfMp3CDR1

    • Blackmoon family

    • Blackmoon, KrBanker

      Blackmoon also known as KrBanker is banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks