General

  • Target

    b4c3181aa3f25431645ba1036463022e66df933c522989a363108d9e28e21160

  • Size

    454KB

  • Sample

    250108-hqrs9syngt

  • MD5

    2f60b9b88cd3264f63d7144e998f33a2

  • SHA1

    93732181ca4675e5a75cbf4166cab46494829656

  • SHA256

    b4c3181aa3f25431645ba1036463022e66df933c522989a363108d9e28e21160

  • SHA512

    b7fa77195127b3f4eb135c7c551b1928fbcd7db94eb6ca4b16146b8ba1eb974cb788e71baf43a6e488459532ae78a527252684001fc2a8aa7ecb58b53c49b0d4

  • SSDEEP

    6144:8cm7ImGddXmNt251UriZFwfsDX2UznsaFVNJCMKAbeM:q7Tc2NYHUrAwfMp3CDM

Malware Config

Targets

    • Target

      b4c3181aa3f25431645ba1036463022e66df933c522989a363108d9e28e21160

    • Size

      454KB

    • MD5

      2f60b9b88cd3264f63d7144e998f33a2

    • SHA1

      93732181ca4675e5a75cbf4166cab46494829656

    • SHA256

      b4c3181aa3f25431645ba1036463022e66df933c522989a363108d9e28e21160

    • SHA512

      b7fa77195127b3f4eb135c7c551b1928fbcd7db94eb6ca4b16146b8ba1eb974cb788e71baf43a6e488459532ae78a527252684001fc2a8aa7ecb58b53c49b0d4

    • SSDEEP

      6144:8cm7ImGddXmNt251UriZFwfsDX2UznsaFVNJCMKAbeM:q7Tc2NYHUrAwfMp3CDM

    • Blackmoon family

    • Blackmoon, KrBanker

      Blackmoon also known as KrBanker is banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks