General

  • Target

    a27e4fb4a4b822d163b2771b12c1411d7c82adbdb860b45b6c5965dceff0aeb2

  • Size

    456KB

  • Sample

    241224-afq5zswmfk

  • MD5

    dbe348da744b30037024dd7262361b8e

  • SHA1

    5e7852ab769e3bce8cd22044f22c25000fea1399

  • SHA256

    a27e4fb4a4b822d163b2771b12c1411d7c82adbdb860b45b6c5965dceff0aeb2

  • SHA512

    98d00dfa5284a8488aa8c25cb634546ed03e8e5734e99d5bfa809c7b301c99917c589d41495168ddfc1a226fb145e0d73790d1e3ee76a664a1ebf272228c7e8e

  • SSDEEP

    6144:8cm7ImGddXmNt251UriZFwfsDX2UznsaFVNJCMKAbeO:q7Tc2NYHUrAwfMp3CDO

Targets

    • Blackmoon family

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified version of it.
