General

  • Target

    fa9af7783858e1e6f25d46e426a9a4616542d4006b2fb927bb1c767ba46c594bN.exe

  • Size

    455KB

  • Sample

    250108-f1cqzsyjap

  • MD5

    96edbcfbe4a64d8e89dbf40eb0aca430

  • SHA1

    4cd828c5370de69b22b9e389ed79016e2c0ea5c5

  • SHA256

    fa9af7783858e1e6f25d46e426a9a4616542d4006b2fb927bb1c767ba46c594b

  • SHA512

    af3b1402a53b892a4ed0c445221e83bda370af7de1f60311185149e29c8ae36e4a481c64aa1e7497503d9a1bd0e6678a0e3803d9f9ac209ca908689c0529b50a

  • SSDEEP

    6144:8cm7ImGddXmNt251UriZFwfsDX2UznsaFVNJCMKAbeTs:q7Tc2NYHUrAwfMp3CDQ

Malware Config

Targets

    • Target

      fa9af7783858e1e6f25d46e426a9a4616542d4006b2fb927bb1c767ba46c594bN.exe

    • Size

      455KB

    • MD5

      96edbcfbe4a64d8e89dbf40eb0aca430

    • SHA1

      4cd828c5370de69b22b9e389ed79016e2c0ea5c5

    • SHA256

      fa9af7783858e1e6f25d46e426a9a4616542d4006b2fb927bb1c767ba46c594b

    • SHA512

      af3b1402a53b892a4ed0c445221e83bda370af7de1f60311185149e29c8ae36e4a481c64aa1e7497503d9a1bd0e6678a0e3803d9f9ac209ca908689c0529b50a

    • SSDEEP

      6144:8cm7ImGddXmNt251UriZFwfsDX2UznsaFVNJCMKAbeTs:q7Tc2NYHUrAwfMp3CDQ

    • Blackmoon family

    • Blackmoon, KrBanker

      Blackmoon also known as KrBanker is banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks