General

  • Target

    fb6dd5a6e953e85501e4650956fc6b61bf0c0d95f4d5c3421a248d0631544c76

  • Size

    453KB

  • Sample

    241223-fh8qpswnhq

  • MD5

    7cdad160b1451e26a37a9b4282022c4a

  • SHA1

    0382b1fdf59df4875c22f19633db94b338848b9b

  • SHA256

    fb6dd5a6e953e85501e4650956fc6b61bf0c0d95f4d5c3421a248d0631544c76

  • SHA512

    d848807da1f8cb50125be62849a19409f4871d14237f2b8c60e22ace601b8d89e819524423ed306b18692dc762596d764197fa5bbec1a00b67e00f4f71eecf12

  • SSDEEP

    6144:8cm7ImGddXmNt251UriZFwfsDX2UznsaFVNJCMKAbea:q7Tc2NYHUrAwfMp3CDa

Targets

    • Blackmoon family

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
