General

  • Target

    b90d3deb27b8ab734a441fd29583f69e8a5bf5ac1be89a247b2a4d3e654aacc5

  • Size

    454KB

  • Sample

    250108-hwpabsyqew

  • MD5

    b36ef2aff69ebe19735d0e6d72f14b77

  • SHA1

    ca5e56afbf9cbfeb8ec31fb3d4413e5b4c846985

  • SHA256

    b90d3deb27b8ab734a441fd29583f69e8a5bf5ac1be89a247b2a4d3e654aacc5

  • SHA512

    d5bcb4f49a55f0113698670b3851605de5493cd6f263c625a6fa700782d0c80711ea979fa3eafaa8a3fbff419e5b5d708dfe3517c7efe0f8b1336e0327d850c8

  • SSDEEP

    6144:8cm7ImGddXmNt251UriZFwfsDX2UznsaFVNJCMKAbec:q7Tc2NYHUrAwfMp3CDc

Malware Config

Targets

    • Target

      b90d3deb27b8ab734a441fd29583f69e8a5bf5ac1be89a247b2a4d3e654aacc5

    • Blackmoon family

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks