General

  • Target

    49e06b3aa40553a121927ef233d0b17b862653dbfc8a807b8832b18fa36741e2

  • Size

    459KB

  • Sample

    250328-ycn38azzbt

  • MD5

    8e1473a8bf4c66c85e7508a46a0ce45d

  • SHA1

    3f91d440be7113d81db12b999016cf3d7ae5d854

  • SHA256

    49e06b3aa40553a121927ef233d0b17b862653dbfc8a807b8832b18fa36741e2

  • SHA512

    be1d97fabdf6e57f2c5ee9371b5c51f7e5938980c75e71cc23b498d3a4fae2405e7456dbaf285757411b4b31390e769c16416fed069fd935d9e3e3c7e71c852d

  • SSDEEP

    6144:8cm7ImGddXmNt251UriZFwfsDX2UznsaFVNJCMKAbeye:q7Tc2NYHUrAwfMp3CD3

Targets

    • Blackmoon family

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified version of it.
