General

  • Target

    feed4859ef174d9fd2228e20ba8750985c186d3c92f7e6a99c6b9b479ed9d0ea

  • Size

    456KB

  • Sample

    241223-ftt2pawnev

  • MD5

    3ffe60842436bfaf2ed6518cc3168a65

  • SHA1

    ca384ddd1b715a366d8586e4147139e289922de8

  • SHA256

    feed4859ef174d9fd2228e20ba8750985c186d3c92f7e6a99c6b9b479ed9d0ea

  • SHA512

    3aa3437cbb0b124a8224306bce01bdeb85e677f7ca4a5181c85e0e7610d606da529be5886fcc640533d80ac8deec62726c89eee447efbaeabce089e65d2989f7

  • SSDEEP

    6144:8cm7ImGddXmNt251UriZFwfsDX2UznsaFVNJCMKAbeRV:q7Tc2NYHUrAwfMp3CDRV

Targets

    • Blackmoon family

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
