General

  • Target

    c23a039393be37a4a8d4b066e0949d64b149badb94913cae6eced62ad3bbc4fd

  • Size

    456KB

  • Sample

    250108-jhthkasner

  • MD5

    3799c66fab41c45c55aa6ab406d340b4

  • SHA1

    0ad46dc0dc1efa53fa0d2b260b56e560e215b9f9

  • SHA256

    c23a039393be37a4a8d4b066e0949d64b149badb94913cae6eced62ad3bbc4fd

  • SHA512

    4d46fb8a51da53890ca5fd887e9049085036a1f4ff19b7390c59b6386b4d6ad9273092722c8f5bd86128c6e2eeff757f36cc02e2e3796943a11a79cacd5a71c3

  • SSDEEP

    6144:8cm7ImGddXmNt251UriZFwfsDX2UznsaFVNJCMKAbeRx:q7Tc2NYHUrAwfMp3CDRx

Targets

    • Blackmoon family

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
