General

  • Target

    d124405736d89bc8e58bdf58e0becfb28d5fa3784e2b55c73cdaebc4d8cebad1

  • Size

    454KB

  • Sample

    241225-dk69jswlfn

  • MD5

    1194c8f7783166fc7c9637e2169b4e65

  • SHA1

    e66e589a3e64ee01a71a517a34a96d0853b24fbb

  • SHA256

    d124405736d89bc8e58bdf58e0becfb28d5fa3784e2b55c73cdaebc4d8cebad1

  • SHA512

    2ca85b93e68ccd966e632e2b18b97acbd32409025ded5e77a4389b9a40a4179b7bbe5f7f8263cab8ba530ed45dc6353ae7d74cd92c1964b1d4d7493936f332aa

  • SSDEEP

    6144:8cm7ImGddXmNt251UriZFwfsDX2UznsaFVNJCMKAbek:q7Tc2NYHUrAwfMp3CDk

Malware Config

Targets

    • Target

      d124405736d89bc8e58bdf58e0becfb28d5fa3784e2b55c73cdaebc4d8cebad1

    • Blackmoon family

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks