General

  • Target

    ea68216f15e150df7f2da475f8d4079411185e26ed154d3e2b59082ade589469

  • Size

    453KB

  • Sample

    241223-ewwsmawlbk

  • MD5

    fd9320ad7a7ef069db62e0456cc60269

  • SHA1

    b91ad8acb65e10995b79257b2d4117b839403a32

  • SHA256

    ea68216f15e150df7f2da475f8d4079411185e26ed154d3e2b59082ade589469

  • SHA512

    8a6f29c75f3043a24bd75e1748c2cbabf5a014345ba99df5ad60fb12134b430ccdb93f09a29d5e5d31be282504423ab81212b4416a16cfd1aec5f04632211c73

  • SSDEEP

    6144:8cm7ImGddXmNt251UriZFwfsDX2UznsaFVNJCMKAbe8:q7Tc2NYHUrAwfMp3CD8

Malware Config

Targets

    • Blackmoon family

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks