General

  • Target

    53b366779b6c0c9ae914bb22d2b7104ebae39282e4199bf77fa5cfb6b57ad8f3N.exe

  • Size

    456KB

  • Sample

    241225-xalpmsslfx

  • MD5

    19a1c8ed562a373bb36090ce19bca350

  • SHA1

    934d038f823d40a125b99903933022d02afd3eef

  • SHA256

    53b366779b6c0c9ae914bb22d2b7104ebae39282e4199bf77fa5cfb6b57ad8f3

  • SHA512

    2e2ae9472869a52b48fc7fdabb06e86d5c20664210c39189557d625f319b9dbbe819be16a5a716d20d33dd0936ba7bc413ffe5b6e1704d138ea60788708396dd

  • SSDEEP

    6144:8cm7ImGddXmNt251UriZFwfsDX2UznsaFVNJCMKAbeRj:q7Tc2NYHUrAwfMp3CDRj

Malware Config

Targets

    • Target

      53b366779b6c0c9ae914bb22d2b7104ebae39282e4199bf77fa5cfb6b57ad8f3N.exe

    • Size

      456KB

    • Blackmoon family

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
