General

  • Target

    25b2500ee3f2fbe3f33243ac1dee48d020b1a9e67c30b59fe78c46d60943126a

  • Size

    455KB

  • Sample

    250127-zd8ppavpdq

  • MD5

    48dd9075dcc1cd32773c3a4c632b40d4

  • SHA1

    520ec868cdc4b42c36972109f3833bd3ead00904

  • SHA256

    25b2500ee3f2fbe3f33243ac1dee48d020b1a9e67c30b59fe78c46d60943126a

  • SHA512

    dff0594b6c9a86b71e95b2785909092264302ba0ad4e39e290fd3b468e9cc34156339de00a12d20dc301978c5f10c06b0e81ee1bea1300b08b474489e9aecbc4

  • SSDEEP

    6144:8cm7ImGddXmNt251UriZFwfsDX2UznsaFVNJCMKAbei:q7Tc2NYHUrAwfMp3CDi

Targets

    • Target

      25b2500ee3f2fbe3f33243ac1dee48d020b1a9e67c30b59fe78c46d60943126a

    • Blackmoon family

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
