General

  • Target

    49b7cef8abda56250f94496f325b824586e33c58502fa7767511a21d5cf21d01

  • Size

    456KB

  • Sample

    250328-yelqwasls6

  • MD5

    aa11e7d4cfcd5c995438fa4704ece465

  • SHA1

    014c94e41baabb3f428f36c2d502bfde3607f73b

  • SHA256

    49b7cef8abda56250f94496f325b824586e33c58502fa7767511a21d5cf21d01

  • SHA512

    9d1dc841aa7c01670ab0982c2ee00575bf97114b99704bb906319e28a37e38bd5ea631f6f15d820b7377a0681b3ed289a064a2654ceed3331cac3235a20740e5

  • SSDEEP

    6144:8cm7ImGddXmNt251UriZFwfsDX2UznsaFVNJCMKAbeX:q7Tc2NYHUrAwfMp3CDX

Malware Config

Targets

    • Target

      49b7cef8abda56250f94496f325b824586e33c58502fa7767511a21d5cf21d01

    • Blackmoon family

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
