General

  • Target

    2447c2c246a2c5b8bc9cec697072c4ca94851fb1ffa7183c106a30fe5fb7a3e9

  • Size

    347KB

  • Sample

    250127-zbtgzsvngl

  • MD5

    17a4147f2f32a632b9b4d3e6c1240239

  • SHA1

    3365879e03cc690dfa900dce72f982db94cc45ce

  • SHA256

    2447c2c246a2c5b8bc9cec697072c4ca94851fb1ffa7183c106a30fe5fb7a3e9

  • SHA512

    882f02554b61bb6ca035e533191645aa7d3e0536f556ad7573c15d4146fa5d9cd71d29ade9a2a4b06871993ffa0d78093f3f84d3611428777435b3c1a88f2b00

  • SSDEEP

    6144:Xcm7ImGddXgYW5fNZWB5hFfci3Add4kGYAf:l7TcbWXZshJX2VGdf

Targets

    • Blackmoon family

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with the UPX or a modified UPX open-source packer.
