General

  • Target

    c59266ee733f2e28603549149488376f2c1f6d45f93de356d8fc2ca006c62a60

  • Size

    455KB

  • Sample

    250108-jrp7hatjbl

  • MD5

    267395b918fd7b6eaace1329aa4f8226

  • SHA1

    4b5b02edecfbda6de81d5f88184d4d36c00dc14d

  • SHA256

    c59266ee733f2e28603549149488376f2c1f6d45f93de356d8fc2ca006c62a60

  • SHA512

    1ec8d44864fc131b7d28fad06579ca18c95a5be8f50ecf9c253f91fc37373600cdb301cff927574c5f2f8945d4a0c4dc9479764896fc88ecec4c19d1f8cbeb3f

  • SSDEEP

    6144:8cm7ImGddXmNt251UriZFwfsDX2UznsaFVNJCMKAbedi:q7Tc2NYHUrAwfMp3CDE

Targets

    • Target

      c59266ee733f2e28603549149488376f2c1f6d45f93de356d8fc2ca006c62a60

    • Blackmoon family

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
