General

  • Target

    bda28231edc44befa27475604d33cae54f850b5117928ff98b429c61c27bf6c6

  • Size

    333KB

  • Sample

    250108-h74t6azldt

  • MD5

    fda14bc2c50db6ed23e5edaecdf0ead2

  • SHA1

    630d01d7d0a408fa390f0a6402511a30b91b226a

  • SHA256

    bda28231edc44befa27475604d33cae54f850b5117928ff98b429c61c27bf6c6

  • SHA512

    6cc9a8173bf5877067259d2e5ef304e5535f641cb307f229ca57147a3f7f2a1d6edf7ad981809f7b4266960fb087c5522da3d3769c5aa161ad289d76e1f60371

  • SSDEEP

    6144:Lcm4FmowdHoSHt251UriZFwfsDX2UznsaFVNJCMKAbe2:R4wFHoSHYHUrAwfMp3CD2

Malware Config

Targets

    • Blackmoon family

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with the UPX or a modified UPX open-source packer.

MITRE ATT&CK Enterprise v15

Tasks