General

  • Target

    c4f44b35f74cd3c08676eff50970ec631011b70d6be7dee8d232b22058275496

  • Size

    454KB

  • Sample

    250108-jnypgasqhn

  • MD5

    b3dcf782c50db7c7c4cc12fd79b3a1ca

  • SHA1

    ab1a8a31fd56d4dfe86d8310f0512d8d3f62a9e4

  • SHA256

    c4f44b35f74cd3c08676eff50970ec631011b70d6be7dee8d232b22058275496

  • SHA512

    6dedd4a1b0dbe14a3544e1570aefe0b7c4679fd72831459c3147ab1fbd9c6a4e92cd7ae488fed93d9b617eca7f3f1864a4dc72d25d78e6e51ae16940d229f0fb

  • SSDEEP

    6144:8cm7ImGddXmNt251UriZFwfsDX2UznsaFVNJCMKAbed:q7Tc2NYHUrAwfMp3CDd

Malware Config

Targets

    • Target

      c4f44b35f74cd3c08676eff50970ec631011b70d6be7dee8d232b22058275496

    • Blackmoon family

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks