General

  • Target

    91475bff7a076ca7ea758b4b746c35e3dc72cc71c19d339a364d3b63a1987051

  • Size

    454KB

  • Sample

    241223-bfrbessrcw

  • MD5

    1390d192e4d3caaf5d1e113cbe77b659

  • SHA1

    ae2efe64d9791170c790fb700a14ed4999ec667b

  • SHA256

    91475bff7a076ca7ea758b4b746c35e3dc72cc71c19d339a364d3b63a1987051

  • SHA512

    5698693d36b45f5a5b5cf591bc7b3eb702ac960f9cd00482d7f8c42abcc95310eb0030188ecad03319173d4f8516b1bd0ef4108a260e0cce849890b4d241b630

  • SSDEEP

    6144:8cm7ImGddXmNt251UriZFwfsDX2UznsaFVNJCMKAbe6:q7Tc2NYHUrAwfMp3CD6

Malware Config

Targets

    • Blackmoon family

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks