General

  • Target

    34f291272b9c3f12a6622d654d44ea2a9572d31aac179d4ad8748cfbdcf5d66bN.exe

  • Size

    454KB

  • Sample

    250204-znrtxstkgm

  • MD5

    43477d365e351d82b7ac143cfded5790

  • SHA1

    c1f472433bab86768ff20a22fea7c3f35e2e14bf

  • SHA256

    34f291272b9c3f12a6622d654d44ea2a9572d31aac179d4ad8748cfbdcf5d66b

  • SHA512

    fdc23cd6b9c94bc435b3cde1c04a00e0fd5fbf82fecf5d31c8c4e367cf88e5800ea8387f9a5fbed56f2155a04922438c0f03978c85bc5e83a51a9bfa51d9cb0b

  • SSDEEP

    6144:8cm7ImGddXmNt251UriZFwfsDX2UznsaFVNJCMKAbeG:q7Tc2NYHUrAwfMp3CDG

Malware Config

Targets

    • Blackmoon family

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks