General

  • Target

    fe676b0c320473c2e2939f793de5a3d89bf0067c9b87fb4cede7d120043a60b9

  • Size

    453KB

  • Sample

    241223-ftdppswndx

  • MD5

    21f7f1bb95bfc7466f96b95b89014e35

  • SHA1

    ef7c775bd3be2c8c01fcb19408178bf59b0d2d16

  • SHA256

    fe676b0c320473c2e2939f793de5a3d89bf0067c9b87fb4cede7d120043a60b9

  • SHA512

    b240ad4d4537e68cc99da80459875933fee94002e72675966704693e5cb23697aba1fffd20e776ed287e77e3bb9cbe1ffdd6a4545f5a870784e58913e675e742

  • SSDEEP

    6144:8cm7ImGddXmNt251UriZFwfsDX2UznsaFVNJCMKAbea:q7Tc2NYHUrAwfMp3CDa

Malware Config

Targets

    • Target

      fe676b0c320473c2e2939f793de5a3d89bf0067c9b87fb4cede7d120043a60b9

    • Size

      453KB

    • MD5

      21f7f1bb95bfc7466f96b95b89014e35

    • SHA1

      ef7c775bd3be2c8c01fcb19408178bf59b0d2d16

    • SHA256

      fe676b0c320473c2e2939f793de5a3d89bf0067c9b87fb4cede7d120043a60b9

    • SHA512

      b240ad4d4537e68cc99da80459875933fee94002e72675966704693e5cb23697aba1fffd20e776ed287e77e3bb9cbe1ffdd6a4545f5a870784e58913e675e742

    • SSDEEP

      6144:8cm7ImGddXmNt251UriZFwfsDX2UznsaFVNJCMKAbea:q7Tc2NYHUrAwfMp3CDa

    • Blackmoon family

    • Blackmoon, KrBanker

      Blackmoon also known as KrBanker is banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks