General

  • Target

    b504df01d005d4a2c6f3c081662f4b81f9b0b7aaf9ca4c69ad4af0173dec4356

  • Size

    332KB

  • Sample

    250108-hpn1zsyndt

  • MD5

    159944281cf9a6067ffecab66ce76204

  • SHA1

    e126769174ab7ad09e5b8759a63754ba784a3517

  • SHA256

    b504df01d005d4a2c6f3c081662f4b81f9b0b7aaf9ca4c69ad4af0173dec4356

  • SHA512

    34972cff87ba17b7654045417cc6ad7f3292512d8190c1f716a0f6dc03fb04c48a98e4c0e0c21d416920a08525520378f11cfddc9b27376e35765b1b87949207

  • SSDEEP

    6144:Lcm4FmowdHoSHt251UriZFwfsDX2UznsaFVNJCMKAbeB:R4wFHoSHYHUrAwfMp3CDB

Targets

    • Target

      b504df01d005d4a2c6f3c081662f4b81f9b0b7aaf9ca4c69ad4af0173dec4356

    • Blackmoon family

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified version of it.
