General

  • Target

    4627a5716e93ef46de7c7d08f1f15c41e09ff1387eae5d32063e379eaafa83c8

  • Size

    7.0MB

  • Sample

    250328-xteenszwgt

  • MD5

    140d6af2f3437ac8739850591bc0bb30

  • SHA1

    061d6e2da3e6dc2eca5c92ca11918a46b2bd98c6

  • SHA256

    4627a5716e93ef46de7c7d08f1f15c41e09ff1387eae5d32063e379eaafa83c8

  • SHA512

    2765392b8e3a5d42dab7e7c610821e89ad25f10b80d86085c703927e18ba0f0a7e34d202a2feabf18408c647479a26646f1c6bfa4ecc4e1bbb3c73d014f41748

  • SSDEEP

    1536:9Q8hoOAesfYvcyjfS3H9yl8Q1pmdBcxedLxNDIkxk8EZk:ymb3NkkiQ3mdBjFIkxkpZk

Malware Config

Targets

    • Target

      4627a5716e93ef46de7c7d08f1f15c41e09ff1387eae5d32063e379eaafa83c8

    • Blackmoon family

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
