General

  • Target

    b4daf0822b54b35fd6cfb8e052c5331dda96d1d9eefab4a9c896059a50b8dd54

  • Size

    456KB

  • Sample

    250108-hn8n1ayncs

  • MD5

    ec53aa534a6f7f1be5f5bdb74ef7d558

  • SHA1

    ce975ed3fea4e6c1eb7d473909972e27bfa35d17

  • SHA256

    b4daf0822b54b35fd6cfb8e052c5331dda96d1d9eefab4a9c896059a50b8dd54

  • SHA512

    c40eb6a8efc39e4f10da50fed939211248ccd5cc9f0749cdc571f9cb8394dc9425789b6317678ce9f8da83e1777943281f028721fb0af08bc7ef1a651dc73329

  • SSDEEP

    6144:8cm7ImGddXmNt251UriZFwfsDX2UznsaFVNJCMKAbeRt:q7Tc2NYHUrAwfMp3CDRt

Targets

    • Target

      b4daf0822b54b35fd6cfb8e052c5331dda96d1d9eefab4a9c896059a50b8dd54

    • Blackmoon family

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks