General

  • Target

    faf668ba2ea6c5bd170e74e497d9f32a0ae38a94f9d4dd44e4eab2bb56e4a0a7

  • Size

    455KB

  • Sample

    241223-fg6jyswmdt

  • MD5

    fdcb0d1c35362790c47d3496a73ae170

  • SHA1

    b12e29a4bff892a257ac112af499888eadfeb77d

  • SHA256

    faf668ba2ea6c5bd170e74e497d9f32a0ae38a94f9d4dd44e4eab2bb56e4a0a7

  • SHA512

    b84ee16844220c5b6969465ffa5fd53ee775c262ff1449ecee628b85bd1f5bddcea86b2e5aaddc9ca1cbabd29d8802e0888de6663194c05ce31127cbaaa3223a

  • SSDEEP

    6144:8cm7ImGddXmNt251UriZFwfsDX2UznsaFVNJCMKAbeRIJ:q7Tc2NYHUrAwfMp3CDRQ

Malware Config

Targets

    • Target

      faf668ba2ea6c5bd170e74e497d9f32a0ae38a94f9d4dd44e4eab2bb56e4a0a7

    • Size

      455KB

    • MD5

      fdcb0d1c35362790c47d3496a73ae170

    • SHA1

      b12e29a4bff892a257ac112af499888eadfeb77d

    • SHA256

      faf668ba2ea6c5bd170e74e497d9f32a0ae38a94f9d4dd44e4eab2bb56e4a0a7

    • SHA512

      b84ee16844220c5b6969465ffa5fd53ee775c262ff1449ecee628b85bd1f5bddcea86b2e5aaddc9ca1cbabd29d8802e0888de6663194c05ce31127cbaaa3223a

    • SSDEEP

      6144:8cm7ImGddXmNt251UriZFwfsDX2UznsaFVNJCMKAbeRIJ:q7Tc2NYHUrAwfMp3CDRQ

    • Blackmoon family

    • Blackmoon, KrBanker

      Blackmoon also known as KrBanker is banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks