General

  • Target

    ab89cb63ee1bcc00be83bbb401af8b13d644a686d0c8d9952160e416f4074f88.exe

  • Size

    455KB

  • Sample

    250127-slsvwavngq

  • MD5

    f3b1e65a1cd4da01a9b7c59e53f20eb7

  • SHA1

    8fe818897b08aa83d6e326e8290ebb3de56aab4f

  • SHA256

    ab89cb63ee1bcc00be83bbb401af8b13d644a686d0c8d9952160e416f4074f88

  • SHA512

    664c9ba7701fdc9b123ffcaa567d9d6e5b267c13adbcc7b549fe8e2a3768ef318fa8f27de1dd31f6206533f632d8bc5cbb4cbb4096916fed9be95b09edec3abe

  • SSDEEP

    6144:8cm7ImGddXmNt251UriZFwfsDX2UznsaFVNJCMKAbekpC:q7Tc2NYHUrAwfMp3CDkpC

Targets

    • Blackmoon family

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified version of it.
