General

  • Target

    596011535e1f98ab06aa8ce72ef854fae80da7ea6e4d6c4380f413ec40c79c3e

  • Size

    457KB

  • Sample

    250328-1nfbkatl19

  • MD5

    b0968197740f76cede5c6516cfc99850

  • SHA1

    f3b18d0f66cea268bf4322f4b64db1ff5f219723

  • SHA256

    596011535e1f98ab06aa8ce72ef854fae80da7ea6e4d6c4380f413ec40c79c3e

  • SHA512

    aa1882d7a9caf7c4e257e491dfe86c928748b43cbc3ede271273a212ddd318ef26db728d59e8b72987f343c19ff82c6f43e583e2178e16ea69760523ebf1f976

  • SSDEEP

    6144:8cm7ImGddXmNt251UriZFwfsDX2UznsaFVNJCMKAbe4:q7Tc2NYHUrAwfMp3CD4

Targets

    • Target

      596011535e1f98ab06aa8ce72ef854fae80da7ea6e4d6c4380f413ec40c79c3e

    • Blackmoon family

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX or a modified version of the open-source UPX packer.
