General

  • Target

    51c33c1913483f266b63bc99cb982cb4c655cf7b514dc8d024224b39f388e88e.exe

  • Size

    455KB

  • Sample

    250127-sjzkmsvnar

  • MD5

    abe16e1c6ff4989c2b0d5fa748253326

  • SHA1

    1a7c7474b8d9bad794e43424a16efdd8e75bcbaf

  • SHA256

    51c33c1913483f266b63bc99cb982cb4c655cf7b514dc8d024224b39f388e88e

  • SHA512

    3d3cc17d23ded34d1a7fc1168820f73f7d42cbfab614500a66f5d355fc366e2945908194e9997548d51eddb301713ad5351235dee7585301f7fd25f79bebbd8d

  • SSDEEP

    6144:8cm7ImGddXmNt251UriZFwfsDX2UznsaFVNJCMKAbeG:q7Tc2NYHUrAwfMp3CDG

Targets

    • Blackmoon family

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
