General

  • Target

    db91ec5a401a399ab903ad409bd97c66dbadc2be41a4f7476c8921e5d5e8b9c2.exe

  • Size

    455KB

  • Sample

    250127-sj5fwstrbw

  • MD5

    bdf7f540039f048f4bb791fdf16baacd

  • SHA1

    719aae44768c8f6ee2641e9a3581a4434a96e19b

  • SHA256

    db91ec5a401a399ab903ad409bd97c66dbadc2be41a4f7476c8921e5d5e8b9c2

  • SHA512

    ca85366fb1f28c6c3eeffee22cc8d7d8aa191de24ee2738a2fde61806e4d1a315320e53f859236089f3df3a9b433c666c2d35647c82b1bef8ecc527703bc5433

  • SSDEEP

    6144:8cm7ImGddXmNt251UriZFwfsDX2UznsaFVNJCMKAbe5:q7Tc2NYHUrAwfMp3CD5

Targets

    • Blackmoon family

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX or a modified version of the open-source UPX packer.
