General

  • Target

    25b014555d8b882107b0631d70c27d9e40bbb04c28c4040394aefbd173f780eb

  • Size

    455KB

  • Sample

    250127-zd42havpdm

  • MD5

    64f49a1385deef1a5a51ad13f8bd3c91

  • SHA1

    e5443938c68056a5c82fc073eec2907e7a0a0fc9

  • SHA256

    25b014555d8b882107b0631d70c27d9e40bbb04c28c4040394aefbd173f780eb

  • SHA512

    848a6a3942deec078d622bf50cc7cadc2b6ee7cd86a481446255e92c11dd9248eea38b0f1edb05fb9980ac05e62c614e8a650a51275c947c1b63057eaa09615f

  • SSDEEP

    6144:8cm7ImGddXmNt251UriZFwfsDX2UznsaFVNJCMKAbetZa:q7Tc2NYHUrAwfMp3CDt4

Malware Config

Targets

    • Blackmoon family

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified version of it.

MITRE ATT&CK Enterprise v15

Tasks