General

  • Target

    ba17807e259e4f579e9565e137db8c523afa98e19853a80165c65bf2b8db7607

  • Size

    454KB

  • Sample

    250108-hy369syret

  • MD5

    fddbc0fe12541ffda2bf139c1847103b

  • SHA1

    3288d732d4d849faca4c2f5f1721eb77a3a9c860

  • SHA256

    ba17807e259e4f579e9565e137db8c523afa98e19853a80165c65bf2b8db7607

  • SHA512

    36c990c860b7ec326e9d39f91df186651e09fe1065f8d6c9455fe76008851c146ff6e278409baad2d9a8d8e12a196cb2300003acb6d6a9721ce23e69fce6ca7e

  • SSDEEP

    6144:8cm7ImGddXmNt251UriZFwfsDX2UznsaFVNJCMKAbeZ:q7Tc2NYHUrAwfMp3CDZ

Targets

    • Blackmoon family

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
