General

  • Target

    af75537e3b31985c74c1e6506481aa1be3537d8c7fe463a6f811f762ac1c541a

  • Size

    454KB

  • Sample

    250120-k7njaaskay

  • MD5

    564b49a0f3b114d549753edeee698a0c

  • SHA1

    7fe3669a5047ac8f3f84bb424bd32250b438153c

  • SHA256

    af75537e3b31985c74c1e6506481aa1be3537d8c7fe463a6f811f762ac1c541a

  • SHA512

    9053e25005b19a37adfddb05af4a07df0ab383ea9c9ad5009ab6d229814634b5f4440c35d545dec515165665df6e7835ac41af87100067bcea2ac4a363e568fc

  • SSDEEP

    6144:8cm7ImGddXmNt251UriZFwfsDX2UznsaFVNJCMKAbeV:q7Tc2NYHUrAwfMp3CDV

Malware Config

Targets

    • Target

      af75537e3b31985c74c1e6506481aa1be3537d8c7fe463a6f811f762ac1c541a

    • Size

      454KB

    • MD5

      564b49a0f3b114d549753edeee698a0c

    • SHA1

      7fe3669a5047ac8f3f84bb424bd32250b438153c

    • SHA256

      af75537e3b31985c74c1e6506481aa1be3537d8c7fe463a6f811f762ac1c541a

    • SHA512

      9053e25005b19a37adfddb05af4a07df0ab383ea9c9ad5009ab6d229814634b5f4440c35d545dec515165665df6e7835ac41af87100067bcea2ac4a363e568fc

    • SSDEEP

      6144:8cm7ImGddXmNt251UriZFwfsDX2UznsaFVNJCMKAbeV:q7Tc2NYHUrAwfMp3CDV

    • Blackmoon family

    • Blackmoon, KrBanker

      Blackmoon also known as KrBanker is banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks