General

  • Target

    46b9850b9130fe9d0811760f26b238c5846fae8fa0a1f4bbfcac3be8b4f5c253.exe

  • Size

    334KB

  • Sample

    250127-sa3wpstmhv

  • MD5

    55945f340574100dcc7a85dfde273892

  • SHA1

    58298715cfab00f986da4768f3f75c234845de00

  • SHA256

    46b9850b9130fe9d0811760f26b238c5846fae8fa0a1f4bbfcac3be8b4f5c253

  • SHA512

    2a75ba97b01d3e4bb8f29be6b54132699633670f74ba57f7f792ff6b7f88565a8190c3b22b86b6a2040af199cfe5384c0bfe92e8beebcf614280f3066ab10a65

  • SSDEEP

    6144:Lcm4FmowdHoSHt251UriZFwfsDX2UznsaFVNJCMKAbel2:R4wFHoSHYHUrAwfMp3CDl2

Targets

    • Target

      46b9850b9130fe9d0811760f26b238c5846fae8fa0a1f4bbfcac3be8b4f5c253.exe

    • Blackmoon family

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
