General

  • Target

    b7c2de89f076a2212a98a2f8d26bd80051019c996594cab9b78981667ec71fea

  • Size

    454KB

  • Sample

    250108-htdqta1nhp

  • MD5

    071919c843c97f11ed4effa09c19cbc2

  • SHA1

    61265a82f6ff6f1b4ddce3bd3abf1131eb77cec9

  • SHA256

    b7c2de89f076a2212a98a2f8d26bd80051019c996594cab9b78981667ec71fea

  • SHA512

    2a6f1315923cfa9cda24204cb8245eac0214a8c0543e24bb149a99b21086f9dc2a35b3aad350018b2db8e66d692843251446624cf0839427030ab5bc19c48f4b

  • SSDEEP

    6144:8cm7ImGddXmNt251UriZFwfsDX2UznsaFVNJCMKAbeby:q7Tc2NYHUrAwfMp3CDby

Targets

    • Blackmoon family

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX or a modified version of the open-source UPX packer.
