General

  • Target

    a0513790c80db293a82e9e71bcedc31618da52d7434ae9142fec4fc3a6048ec5

  • Size

    453KB

  • Sample

    241223-bxw81atmgm

  • MD5

    1767a84134b8741183ff99cb91227d91

  • SHA1

    ace019c2b92f5183dcc683aa302c2530018428df

  • SHA256

    a0513790c80db293a82e9e71bcedc31618da52d7434ae9142fec4fc3a6048ec5

  • SHA512

    397d2decccd1046f78848d8e5fcdce92ac2342ffca6e1a398edf86817484a83371d576467b88eb64af8c5acd93714b0915db90206edb3beeee9af220d8bc7053

  • SSDEEP

    6144:8cm7ImGddXmNt251UriZFwfsDX2UznsaFVNJCMKAbeN:q7Tc2NYHUrAwfMp3CDN

Malware Config

Targets

    • Target

      a0513790c80db293a82e9e71bcedc31618da52d7434ae9142fec4fc3a6048ec5

    • Size

      453KB

    • MD5

      1767a84134b8741183ff99cb91227d91

    • SHA1

      ace019c2b92f5183dcc683aa302c2530018428df

    • SHA256

      a0513790c80db293a82e9e71bcedc31618da52d7434ae9142fec4fc3a6048ec5

    • SHA512

      397d2decccd1046f78848d8e5fcdce92ac2342ffca6e1a398edf86817484a83371d576467b88eb64af8c5acd93714b0915db90206edb3beeee9af220d8bc7053

    • SSDEEP

      6144:8cm7ImGddXmNt251UriZFwfsDX2UznsaFVNJCMKAbeN:q7Tc2NYHUrAwfMp3CDN

    • Blackmoon family

    • Blackmoon, KrBanker

      Blackmoon also known as KrBanker is banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks