General

  • Target

    c5779802aca41ef6c4cd82a3ad75ec4e45b56e3de30c5785dea0e0050fee17dfN.exe

  • Size

    454KB

  • Sample

    241226-aml5lssmhm

  • MD5

    b036505ebf60c8f0230f81975d087120

  • SHA1

    1c37276dd747912a29b1e5182633e5d14a02dd8a

  • SHA256

    c5779802aca41ef6c4cd82a3ad75ec4e45b56e3de30c5785dea0e0050fee17df

  • SHA512

    f2f292589e649088d1955158a9b7368435cb1875fa1c5e365f1530105a1aac10f84b116de5653f640ee75e074000d986b539bae76b821fb2a53f744cd364a38c

  • SSDEEP

    6144:8cm7ImGddXmNt251UriZFwfsDX2UznsaFVNJCMKAbe2:q7Tc2NYHUrAwfMp3CD2

Targets

    • Blackmoon family

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX or a modified UPX open-source packer.
