General

  • Target

    bc7959899ee8359d56cabe0545bc6f131453f071b2326359d5e494cc898938d1

  • Size

    332KB

  • Sample

    250108-h473easjcl

  • MD5

    af511fab26b228f68b2248dc415371e9

  • SHA1

    8298d872a4366cd07cd369b3deed183b950a81c5

  • SHA256

    bc7959899ee8359d56cabe0545bc6f131453f071b2326359d5e494cc898938d1

  • SHA512

    dc34216b39376e02e7054c5f5130c3754a6064be334bd2555c7d3265a1524ac0913780285aa2e49c5082972774ab6f1d73aab24aa157a4711a768d368521becc

  • SSDEEP

    6144:Lcm4FmowdHoSHt251UriZFwfsDX2UznsaFVNJCMKAbef:R4wFHoSHYHUrAwfMp3CDf

Malware Config

Targets

    • Blackmoon family

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks