General

  • Target

    2a804c4b895feab88cc42f56cb08e3d0d3ded7d9b59c16b43f236c1b785d9400

  • Size

    455KB

  • Sample

    250127-zlmgesvmdz

  • MD5

    c70987e42582aad70f1b4de4331675e7

  • SHA1

    d7078ca0ae752d4625ac28463a1be987473064d6

  • SHA256

    2a804c4b895feab88cc42f56cb08e3d0d3ded7d9b59c16b43f236c1b785d9400

  • SHA512

    7979314482cddc847c7e89ac576ae7c98216c6086701ed08a8857b364a139879abc753b035d03c142124567fbbc0532a9e7b4764326b98681c584e78d7c76d9b

  • SSDEEP

    6144:8cm7ImGddXmNt251UriZFwfsDX2UznsaFVNJCMKAbei:q7Tc2NYHUrAwfMp3CDi

Malware Config

Targets

    • Blackmoon family

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with the UPX (or a modified UPX) open-source packer.

MITRE ATT&CK Enterprise v15

Tasks