General

  • Target

    b56c9ab26a49ec97c6b242e334bb51958b3d2f6448ebb7cdead92b8a84dc9fb4

  • Size

    455KB

  • Sample

    250108-htqelsyphy

  • MD5

    285c4cf46165f72826f9c071f3d34c52

  • SHA1

    a8bf8f52d56090826d24dea41283226135c8399f

  • SHA256

    b56c9ab26a49ec97c6b242e334bb51958b3d2f6448ebb7cdead92b8a84dc9fb4

  • SHA512

    aad18ae1cc8ba72f4a9f8909f5072d8a2ec66d2de97710aeebd19f20093cb90c35b489430b4070067df9bfdf2fb3d9e2f47d7054dc24aec375522b83d1893ddc

  • SSDEEP

    6144:8cm7ImGddXmNt251UriZFwfsDX2UznsaFVNJCMKAbeug:q7Tc2NYHUrAwfMp3CDug

Malware Config

Targets

    • Blackmoon family

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified version of it.

MITRE ATT&CK Enterprise v15

Tasks