General

  • Target

    c5157541b2b47d7035094cc555cf473794325b21e8233773ee624636c8082803

  • Size

    454KB

  • Sample

    250108-jph1ea1jdt

  • MD5

    dd0a9b041c86b45e7dda0df01f5fccfe

  • SHA1

    c46faeba618614cb580981d97ee8ff9edcfa3523

  • SHA256

    c5157541b2b47d7035094cc555cf473794325b21e8233773ee624636c8082803

  • SHA512

    c8975cab712174a2a34ff71282895ca0731fd8bbfbef3a42aa44c7042709b9543b35ca7f16d7990a41d413bff75ac0498831224be0c0a72203e5cd1be78d30d2

  • SSDEEP

    6144:8cm7ImGddXmNt251UriZFwfsDX2UznsaFVNJCMKAbeN:q7Tc2NYHUrAwfMp3CDN

Malware Config

Targets

    • Target

      c5157541b2b47d7035094cc555cf473794325b21e8233773ee624636c8082803

    • Blackmoon family

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with the UPX open-source packer or a modified version of it.

MITRE ATT&CK Enterprise v15

Tasks