General

  • Target

    4802dcc7e09a05cb13c2312de9aeefeeda2e3adb31a64221268d60f4e6f22967

  • Size

    458KB

  • Sample

    250328-ybgmrasky5

  • MD5

    784872ea17556eb59718107706d52b98

  • SHA1

    626bbdd4366e12b055edcfcb944181a17e35d44c

  • SHA256

    4802dcc7e09a05cb13c2312de9aeefeeda2e3adb31a64221268d60f4e6f22967

  • SHA512

    5369e2b0ae1bbd0476e99e0e2723c1eb20456e137924e3e4bbd56aaf74055381367169398f18e3b2a29d0b895ef04471fedded5a8505a028f7771f6c027a129f

  • SSDEEP

    6144:8cm7ImGddXmNt251UriZFwfsDX2UznsaFVNJCMKAbe5:q7Tc2NYHUrAwfMp3CD5

Malware Config

Targets

    • Target

      4802dcc7e09a05cb13c2312de9aeefeeda2e3adb31a64221268d60f4e6f22967

    • Size

      458KB

    • MD5

      784872ea17556eb59718107706d52b98

    • SHA1

      626bbdd4366e12b055edcfcb944181a17e35d44c

    • SHA256

      4802dcc7e09a05cb13c2312de9aeefeeda2e3adb31a64221268d60f4e6f22967

    • SHA512

      5369e2b0ae1bbd0476e99e0e2723c1eb20456e137924e3e4bbd56aaf74055381367169398f18e3b2a29d0b895ef04471fedded5a8505a028f7771f6c027a129f

    • SSDEEP

      6144:8cm7ImGddXmNt251UriZFwfsDX2UznsaFVNJCMKAbe5:q7Tc2NYHUrAwfMp3CD5

    • Blackmoon family

    • Blackmoon, KrBanker

      Blackmoon also known as KrBanker is banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks