General

  • Target

    fbf81c32fee3725a6dc24a285a2ce56e8011fa41a3df9417f9337040c8b2d653

  • Size

    454KB

  • Sample

    241223-fjs2mswmex

  • MD5

    3e30647e9c2965c84324601a062a7fbd

  • SHA1

    b6f24d9722d86d643c40ad76f8ab42f57d6dd639

  • SHA256

    fbf81c32fee3725a6dc24a285a2ce56e8011fa41a3df9417f9337040c8b2d653

  • SHA512

    ac3acd9128748f61ce4a13b075f0e9ef7d44c1a6995f750f48524f89078d49f378051992e6c29053eed659ff03e06817a6bd9b3d3e33465f6feb41a99f7efda4

  • SSDEEP

    6144:8cm7ImGddXmNt251UriZFwfsDX2UznsaFVNJCMKAbeo:q7Tc2NYHUrAwfMp3CDo

Targets

    • Blackmoon family

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
