General

  • Target

    ff1329ef875231339790a5801c27e70e6ad6fcfeb8bb93b8df483ee3dca83bae

  • Size

    454KB

  • Sample

    241223-fqfpwswpgn

  • MD5

    274a1fcae472dba4b609fb93f6bff0f2

  • SHA1

    e9d7de4676f38184195d19ae4d26c034b79c956d

  • SHA256

    ff1329ef875231339790a5801c27e70e6ad6fcfeb8bb93b8df483ee3dca83bae

  • SHA512

    f0ad51de354726370bf6e8696c38e9b9316d056af559809c2de2346c8a99d14f8ceee3fce2f15cfea48abf0b98cda99889037ac792d347fa55cafb26b0a6e2c2

  • SSDEEP

    6144:8cm7ImGddXmNt251UriZFwfsDX2UznsaFVNJCMKAbeS:q7Tc2NYHUrAwfMp3CDS

Malware Config

Targets

    • Target

      ff1329ef875231339790a5801c27e70e6ad6fcfeb8bb93b8df483ee3dca83bae

    • Size

      454KB

    • MD5

      274a1fcae472dba4b609fb93f6bff0f2

    • SHA1

      e9d7de4676f38184195d19ae4d26c034b79c956d

    • SHA256

      ff1329ef875231339790a5801c27e70e6ad6fcfeb8bb93b8df483ee3dca83bae

    • SHA512

      f0ad51de354726370bf6e8696c38e9b9316d056af559809c2de2346c8a99d14f8ceee3fce2f15cfea48abf0b98cda99889037ac792d347fa55cafb26b0a6e2c2

    • SSDEEP

      6144:8cm7ImGddXmNt251UriZFwfsDX2UznsaFVNJCMKAbeS:q7Tc2NYHUrAwfMp3CDS

    • Blackmoon family

    • Blackmoon, KrBanker

      Blackmoon also known as KrBanker is banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks