General

  • Target

    93aa711ba3b1328eca3bc949247f697c7c7b4708f3f6c9bb2c28f0aae14c7246

  • Size

    454KB

  • Sample

    250108-e9nzyawrel

  • MD5

    4869fcfa245524fadf1957e0c1c4e71c

  • SHA1

    3339e2dc48e222363aef649a46a7481682bfeaeb

  • SHA256

    93aa711ba3b1328eca3bc949247f697c7c7b4708f3f6c9bb2c28f0aae14c7246

  • SHA512

    08ff35b341849568e7d1b8482da9f504a845f6fcd5c5ead24c7fb6277db77ad0ef375f91a8c98deca44d162b3e16146374bafba9d9d266916e786a9538d8108f

  • SSDEEP

    6144:8cm7ImGddXmNt251UriZFwfsDX2UznsaFVNJCMKAbeh:q7Tc2NYHUrAwfMp3CDh

Targets

    • Blackmoon family

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
