General

  • Target

    52a381a7e71fe1cdac6f628cddcce66f441b18181ee9802b45333a86fd02275d

  • Size

    454KB

  • Sample

    241227-1s387a1khm

  • MD5

    f5ffdaa417ec9b126f5c2707c190e54c

  • SHA1

    45ce11f2739894a581e41cd032f47eb64f9d0ff8

  • SHA256

    52a381a7e71fe1cdac6f628cddcce66f441b18181ee9802b45333a86fd02275d

  • SHA512

    d5762dae8f1eb8d06e3c48a97425e23b94e5ac2442d70cd273b8323665209152dd6ba8101157220b29638635a2ed029ae0394939b3b4c698fe41838c69306135

  • SSDEEP

    6144:8cm7ImGddXmNt251UriZFwfsDX2UznsaFVNJCMKAbek:q7Tc2NYHUrAwfMp3CDk

Targets

    • Blackmoon family

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
