General

  • Target

    c3c49a4729b91e72032fed3f91252672be5ad7e5a355fda320424f79a61a8549

  • Size

    332KB

  • Sample

    250108-jma7sazrd1

  • MD5

    34f7d8f86f40a36ad2feb8f80a1a4693

  • SHA1

    a74194667e944366debd217a87e5acd5ebf8ece0

  • SHA256

    c3c49a4729b91e72032fed3f91252672be5ad7e5a355fda320424f79a61a8549

  • SHA512

    daf122b9f0219d2477846e1c9e7d1dc936854dd9bb762950ca4cd2524279c5017628ba8669c58b343fc264c144ee479e9c7d6268be7d749a3e78f279e913f73f

  • SSDEEP

    6144:Lcm4FmowdHoSHt251UriZFwfsDX2UznsaFVNJCMKAbeL:R4wFHoSHYHUrAwfMp3CDL

Targets

    • Blackmoon family

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
