General

  • Target

    bd8c213f826b95315bfde8e542a0ac20da007c81e216405d55bcfb866789a777

  • Size

    454KB

  • Sample

    250108-h7nsyazlcs

  • MD5

    c91ca7a7775240001c0561985e00f02f

  • SHA1

    c2960e0fbe92f88afaf9530544d70c1747d56f8b

  • SHA256

    bd8c213f826b95315bfde8e542a0ac20da007c81e216405d55bcfb866789a777

  • SHA512

    52f0328b29ab476a3a866e11b727befda9756455f43c14ec0da53ecc2f90a92a1912338cf487df5fc7bfd196cacc9a5c0a5e4c93535bfad1b19e328f89adfcb1

  • SSDEEP

    6144:8cm7ImGddXmNt251UriZFwfsDX2UznsaFVNJCMKAbek:q7Tc2NYHUrAwfMp3CDk

Malware Config

Targets

    • Blackmoon family

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks