General

  • Target

    37ad94d257ca8b5be88ecb7de8ca42fda589ea307c54d92d0d9abe5646828d4a

  • Size

    73KB

  • Sample

    241224-z2paysxper

  • MD5

    75ce39d43ef52bdf3215491a2e294a01

  • SHA1

    a5fd26f0887dcbe3b07e039511c6d84839658891

  • SHA256

    37ad94d257ca8b5be88ecb7de8ca42fda589ea307c54d92d0d9abe5646828d4a

  • SHA512

    d32db1f2f221aaee73a4bc7afdd531226357ab693689ad24e315aa0d6c2afde94c75b4fb4d432a4caa48b6e52fa60566ceab350533ca40b6a7d4ea170ca9971c

  • SSDEEP

    1536:9Q8hoOAesfYvcyjfS3H9yl8Q1pmdBcxedLxND0yUPqrDZ5RxfVK5DTj:ymb3NkkiQ3mdBjF0yUmrfVcr

Targets

    • Blackmoon family

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
