General

  • Target

    2b3f2438282dbe3bc7fde664003f33054b0cc23505567452c1d45d5cf2f8628a

  • Size

    454KB

  • Sample

    250127-zl1daavmew

  • MD5

    925a4440a0c6057046d11803123bf87d

  • SHA1

    c57aded7815a66f3888f43b76e2504f25db7de2f

  • SHA256

    2b3f2438282dbe3bc7fde664003f33054b0cc23505567452c1d45d5cf2f8628a

  • SHA512

    b66c3ff306d228a3c1246b35d64e8d614a9f4b2427a6cc50fee7cf040adaedc02eb98605343882802e91af37129c614d12f98c9f723795d7335397f13503ccce

  • SSDEEP

    6144:8cm7ImGddXmNt251UriZFwfsDX2UznsaFVNJCMKAbeh7:q7Tc2NYHUrAwfMp3CDx

Malware Config

Targets

    • Blackmoon family

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks