General

  • Target

    db58106231c215a683445e021386878db0cebafcb33216bc255d14d2a8354083.exe

  • Size

    332KB

  • Sample

    250127-sjv78atrax

  • MD5

    6767928e3ffd32702671bfec86a68811

  • SHA1

    6d2ef49c3da72f6d1cbbdad91ba2fe69a9243d05

  • SHA256

    db58106231c215a683445e021386878db0cebafcb33216bc255d14d2a8354083

  • SHA512

    891d78fce5121b49020781d69038456465e0f1b625a0c74b266b31b1f3c127b3f26013bc8750a24e24fed4c794ef44e47fb230d1cb2dc1ccd768a06bc8068b3f

  • SSDEEP

    6144:Lcm4FmowdHoSHt251UriZFwfsDX2UznsaFVNJCMKAbeZ:R4wFHoSHYHUrAwfMp3CDZ

Targets

    • Blackmoon family

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
