General

  • Target

    13de4b480bf198af59040764809eff3be4a1b8925de9b1baa2032a1c53b4b4c5.exe

  • Size

    454KB

  • Sample

    250108-f5zrbawlgw

  • MD5

    6cfa527eed7ed5d4f7724eb78c587a80

  • SHA1

    1ab47c82cb8e9f7f9e4853feb1b845a2f3eae68b

  • SHA256

    13de4b480bf198af59040764809eff3be4a1b8925de9b1baa2032a1c53b4b4c5

  • SHA512

    6438faed9c2e14e399bc7ba403f4f81e62837672152f1dc5f52f8cb4255a8915eb692cce94213e245a667975b17539333469a508dbf592b9b0796d80280bce43

  • SSDEEP

    6144:8cm7ImGddXmNt251UriZFwfsDX2UznsaFVNJCMKAbed:q7Tc2NYHUrAwfMp3CDd

Targets

    • Target

      13de4b480bf198af59040764809eff3be4a1b8925de9b1baa2032a1c53b4b4c5.exe

    • Blackmoon family

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
