General

  • Target

    833f637dbbadf4989ceb10085240016054914c342d788290afe78c12f07379c8N.exe

  • Size

    454KB

  • Sample

    241226-evr32swrfj

  • MD5

    eb49d564f56ee1bfb2e565d14bdc1170

  • SHA1

    b31cd2d75517e4eaa1a11f0183c2a6953f4f9d52

  • SHA256

    833f637dbbadf4989ceb10085240016054914c342d788290afe78c12f07379c8

  • SHA512

    61fb7ba092c82c6c77c9102d9aeb5c712e2322561018ecf335856fb292a832568b35626eb5240adceb77f35933a79761fbd01bd8222a17862d22d39a09fd62b6

  • SSDEEP

    6144:8cm7ImGddXmNt251UriZFwfsDX2UznsaFVNJCMKAbez:q7Tc2NYHUrAwfMp3CDz

Targets

    • Target

      833f637dbbadf4989ceb10085240016054914c342d788290afe78c12f07379c8N.exe

    • Blackmoon family

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
