General

  • Target

    22781e6e894e3a560aff93918ea32d4565eba7e6a42d66aa4923870b5c96fe50

  • Size

    455KB

  • Sample

    250127-zbveaavngn

  • MD5

    8df320f4f8a9114e739cc0e3956ad8fa

  • SHA1

    48fc3aaf007797e332f8a9d73075aeb46e9e1a13

  • SHA256

    22781e6e894e3a560aff93918ea32d4565eba7e6a42d66aa4923870b5c96fe50

  • SHA512

    c864ffff3e6608e61439e68691d65f403a5857e48bc4be03544b1a41600422414b2675f7cb6b7a936a38ebd67a5716625cab40b7a5c1b27a7e524cb02ea31821

  • SSDEEP

    6144:8cm7ImGddXmNt251UriZFwfsDX2UznsaFVNJCMKAbeo:q7Tc2NYHUrAwfMp3CDo

Targets

    • Blackmoon family

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
