General

  • Target

    bc0441b80dcafa7918bd54404a8ec369371383e7360798f820df8c8aa61acf88

  • Size

    454KB

  • Sample

    250108-h3wmzs1rhk

  • MD5

    ebe2600d634bfceb3ec7732c4edf9284

  • SHA1

    e129af3e22fa0b3dcef775e74704026ee1c4d2e2

  • SHA256

    bc0441b80dcafa7918bd54404a8ec369371383e7360798f820df8c8aa61acf88

  • SHA512

    dc4bd3ee9c9629e67399859cfa4f938f03e38fe60ac19391ad5b559f48dedef0dd67bb90a89d5ae6efbcf38e0a6cebcce273c2d15161178183f03ab50f39318e

  • SSDEEP

    6144:8cm7ImGddXmNt251UriZFwfsDX2UznsaFVNJCMKAbez:q7Tc2NYHUrAwfMp3CDz

Targets

    • Blackmoon family

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

Tasks