General

  • Target

    bd003de2378883d618c9a70d4680d2d72662bbf3eee7c7a07f5058a6757944e5

  • Size

    454KB

  • Sample

    250108-h65eassjhn

  • MD5

    f22623451e3cd3d9dfb5f40ae0074b04

  • SHA1

    830fb8dc24de69ae3f2918d0f06d51e10fb22ace

  • SHA256

    bd003de2378883d618c9a70d4680d2d72662bbf3eee7c7a07f5058a6757944e5

  • SHA512

    ab70cb57320d2590bc29da01fe11078cebb9bec47e3f703b5a48efce360a528b4ea4b8e48dd577afb2f267508835e81804dab91f85c8ebd5b2fc9a87d4ae5b45

  • SSDEEP

    6144:8cm7ImGddXmNt251UriZFwfsDX2UznsaFVNJCMKAbes:q7Tc2NYHUrAwfMp3CDs

Malware Config

Targets

    • Target

      bd003de2378883d618c9a70d4680d2d72662bbf3eee7c7a07f5058a6757944e5

    • Size

      454KB

    • MD5

      f22623451e3cd3d9dfb5f40ae0074b04

    • SHA1

      830fb8dc24de69ae3f2918d0f06d51e10fb22ace

    • SHA256

      bd003de2378883d618c9a70d4680d2d72662bbf3eee7c7a07f5058a6757944e5

    • SHA512

      ab70cb57320d2590bc29da01fe11078cebb9bec47e3f703b5a48efce360a528b4ea4b8e48dd577afb2f267508835e81804dab91f85c8ebd5b2fc9a87d4ae5b45

    • SSDEEP

      6144:8cm7ImGddXmNt251UriZFwfsDX2UznsaFVNJCMKAbes:q7Tc2NYHUrAwfMp3CDs

    • Blackmoon family

    • Blackmoon, KrBanker

      Blackmoon also known as KrBanker is banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks