General

  • Target

    bce42afd4143243f9fc72e15c52a42cf15efbf87bbe2cd02c916ba0abf83a72f

  • Size

    454KB

  • Sample

    250108-h6kd5azkgv

  • MD5

    c435c76635b5417cf532f0e6997ae186

  • SHA1

    aaad0c2ef17745490220bdb24b5ef956a82d4e12

  • SHA256

    bce42afd4143243f9fc72e15c52a42cf15efbf87bbe2cd02c916ba0abf83a72f

  • SHA512

    cda6e71562ab0ebc99f8d91eef66e1a567f4f0bcf7a000edc214d8bd1771185b195172de6b5c4b444dfd6d4235e29057a7f4d53a9c1037346006abd877b2509c

  • SSDEEP

    6144:8cm7ImGddXmNt251UriZFwfsDX2UznsaFVNJCMKAbe8:q7Tc2NYHUrAwfMp3CD8

Malware Config

Targets

    • Target

      bce42afd4143243f9fc72e15c52a42cf15efbf87bbe2cd02c916ba0abf83a72f

    • Blackmoon family

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks