General

  • Target

    b455fd7b04a75c142f86ec3942122b661e5eafcd2244209f74ab4ce67ccb60ec

  • Size

    454KB

  • Sample

    250108-hnarzaymhy

  • MD5

    72c6ebd3ac27d3c9571dc8a19d484f70

  • SHA1

    209b3f5982ae893f30e21e2f8f575af2edc6eb65

  • SHA256

    b455fd7b04a75c142f86ec3942122b661e5eafcd2244209f74ab4ce67ccb60ec

  • SHA512

    6afbfe640724339220139d6c908a2ad2645f69ebb7b0b343237fe7ee78bc020b997606eed538f07c85a3cf41b57d97c2d7fb009908c118a0cf683484c485ee54

  • SSDEEP

    6144:8cm7ImGddXmNt251UriZFwfsDX2UznsaFVNJCMKAbes:q7Tc2NYHUrAwfMp3CDs

Targets

    • Blackmoon family

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with the UPX open-source packer or a modified version of it.
