General

  • Target

    2d3ec822efe90a7297f5c24b8ef3200b784917c983aa39df2973dba82cae4f72

  • Size

    454KB

  • Sample

    250127-zp78aswjgl

  • MD5

    3d7c621fb63891f2b2dd2e4e13d457b5

  • SHA1

    b316588879fc708b49ae6078c6dd1ed43fddf3fa

  • SHA256

    2d3ec822efe90a7297f5c24b8ef3200b784917c983aa39df2973dba82cae4f72

  • SHA512

    c9072ff95dbfbf1b634e2b5f81713eda5f9341cabb159b0dda0715c783f4c33d07544b67fdc2d2c9772c46053db545f893e99676d5a43976c36d3200a028963f

  • SSDEEP

    6144:8cm7ImGddXmNt251UriZFwfsDX2UznsaFVNJCMKAbeE:q7Tc2NYHUrAwfMp3CDE

Targets

    • Target

      2d3ec822efe90a7297f5c24b8ef3200b784917c983aa39df2973dba82cae4f72

    • Blackmoon family

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
