General

  • Target

    2cfcfb1acdba524e4c668579f80ca9b24882aee5e9e81782b46f1ae748322e42

  • Size

    455KB

  • Sample

    250127-zpdzfswjel

  • MD5

    25b5085becea3c199d852d42660dcf86

  • SHA1

    4abed855cb8ac87e34e4534fb90b24f62613a3e7

  • SHA256

    2cfcfb1acdba524e4c668579f80ca9b24882aee5e9e81782b46f1ae748322e42

  • SHA512

    cbd21d3aa2c5a7c1c5a63935f20a6b8e2efc674a33a871f1b143805745414db046522bba58aed9fcf9b48cdc127f9acb62725f24249fbe3f0f6a93a633cf90bc

  • SSDEEP

    6144:8cm7ImGddXmNt251UriZFwfsDX2UznsaFVNJCMKAbetp:q7Tc2NYHUrAwfMp3CDtp

Targets

    • Target

      2cfcfb1acdba524e4c668579f80ca9b24882aee5e9e81782b46f1ae748322e42

    • Blackmoon family

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with the UPX open-source packer or a modified version of it.
