General

  • Target

    25e3cfde3bbc5571964a3e6f0a79cb4234611b4cf50fa42fac9570c5cef2a43c

  • Size

    334KB

  • Sample

    250127-zefqasvkd1

  • MD5

    3c0e653e8de2833983cd3840d0ed32f9

  • SHA1

    fa5768fe6e963dfd5074f52f63d1bf19d5a8fa0a

  • SHA256

    25e3cfde3bbc5571964a3e6f0a79cb4234611b4cf50fa42fac9570c5cef2a43c

  • SHA512

    f9e701023432994288bfd68f14ba290715a3807bcbd4eb65e2c09f1402065db5df8a841063704c12323275f442c693651c9a54a3d7c98ae81626b558eb2cb0a8

  • SSDEEP

    6144:Lcm4FmowdHoSHt251UriZFwfsDX2UznsaFVNJCMKAbeY:R4wFHoSHYHUrAwfMp3CDY

Malware Config

Targets

    • Target

      25e3cfde3bbc5571964a3e6f0a79cb4234611b4cf50fa42fac9570c5cef2a43c

    • Size

      334KB

    • Blackmoon family

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with the UPX or a modified UPX open-source packer.

MITRE ATT&CK Enterprise v15

Tasks