General

  • Target

    c06398649373f36e3dd1aae89f3532ff87e74b989a52eb2e52ab4e63a2588c83

  • Size

    333KB

  • Sample

    250108-jd51sszngw

  • MD5

    85f89cfad3936cb64bd41ed7a2f57786

  • SHA1

    c41236ac2431ae9e3656b0473fe438eb265bac65

  • SHA256

    c06398649373f36e3dd1aae89f3532ff87e74b989a52eb2e52ab4e63a2588c83

  • SHA512

    75f082afc242e8489d3a8273b52ff080eccbff8ff5875ad228cabcce4f110aebf9bf3aac93f1b1bdcdd4cd5007801541275f3ad40d899c8af8010434c6ad7cea

  • SSDEEP

    6144:Lcm4FmowdHoSHt251UriZFwfsDX2UznsaFVNJCMKAbeL:R4wFHoSHYHUrAwfMp3CDL

Malware Config

Targets

    • Target

      c06398649373f36e3dd1aae89f3532ff87e74b989a52eb2e52ab4e63a2588c83

    • Blackmoon family

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks