General

  • Target

    5d205650edfd504b73dc63661a74fc622102a0f20086324d9bca20406be7d124

  • Size

    454KB

  • Sample

    241224-2jnb2syqhy

  • MD5

    5d80e0916250699c9572dc276cadb2dc

  • SHA1

    5e499c67c80b7081ff719d4cb18c19ad1bf20107

  • SHA256

    5d205650edfd504b73dc63661a74fc622102a0f20086324d9bca20406be7d124

  • SHA512

    b35714c6a00da3ee68028e112c964468ac2cf5e8b7ef16ee9239f61af266dc17e1c987d17fea223712456ee10f091509cf5de53d72feb45141b035181f50d297

  • SSDEEP

    6144:8cm7ImGddXmNt251UriZFwfsDX2UznsaFVNJCMKAbeH:q7Tc2NYHUrAwfMp3CDH

Targets

    • Blackmoon family

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with the UPX or a modified UPX open-source packer.
