General

  • Target

    52825affd9856594d5140fd5a80d8571fd116cce412985f713cf61063a0d4fdb

  • Size

    456KB

  • Sample

    250328-zj32ds1wcs

  • MD5

    b8b06189ddbb0454b6b3fd2c8261bd22

  • SHA1

    a011dc28a25e5eef6deb7470f087a9a6f63d158b

  • SHA256

    52825affd9856594d5140fd5a80d8571fd116cce412985f713cf61063a0d4fdb

  • SHA512

    e25cd2652e59b314e54b4920690f697dcec1f66eee3cb7eddeb3934577f6b9afe94ac2f54d16dcce91727f56ef7753bb8106d0d91ba09ae8e62cf44372de4d4b

  • SSDEEP

    6144:8cm7ImGddXmNt251UriZFwfsDX2UznsaFVNJCMKAbeSi:q7Tc2NYHUrAwfMp3CDSi

Targets

    • Blackmoon family

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
