General

  • Target

    fae5a57922f30e51062af129e682d364be707a58001ee81ee57467fe3f2675b0

  • Size

    453KB

  • Sample

    241223-fgq49swngq

  • MD5

    c5b5de336ea7eef236a9288b6b151c58

  • SHA1

    cddfbc4f2a763e854eab6c59a006e5cfa9112f2b

  • SHA256

    fae5a57922f30e51062af129e682d364be707a58001ee81ee57467fe3f2675b0

  • SHA512

    5b5f8fc1d03318b05da3d5d3aefdc320d98a3c880f50c0706c66b404acb0bff96f13e590ea2ee19fd6af50f96dc5a81eec3f75add2e13913eb1667f1cbf8e81e

  • SSDEEP

    6144:8cm7ImGddXmNt251UriZFwfsDX2UznsaFVNJCMKAbe+:q7Tc2NYHUrAwfMp3CD+

Malware Config

Targets

    • Target

      fae5a57922f30e51062af129e682d364be707a58001ee81ee57467fe3f2675b0

    • Size

      453KB

    • MD5

      c5b5de336ea7eef236a9288b6b151c58

    • SHA1

      cddfbc4f2a763e854eab6c59a006e5cfa9112f2b

    • SHA256

      fae5a57922f30e51062af129e682d364be707a58001ee81ee57467fe3f2675b0

    • SHA512

      5b5f8fc1d03318b05da3d5d3aefdc320d98a3c880f50c0706c66b404acb0bff96f13e590ea2ee19fd6af50f96dc5a81eec3f75add2e13913eb1667f1cbf8e81e

    • SSDEEP

      6144:8cm7ImGddXmNt251UriZFwfsDX2UznsaFVNJCMKAbe+:q7Tc2NYHUrAwfMp3CD+

    • Blackmoon family

    • Blackmoon, KrBanker

      Blackmoon also known as KrBanker is banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks