General

  • Target

    fbd6bec54fb7f8ecf409fdf7b2bc4065d940ec4b93c5a485f4ec263702a6bcde.exe

  • Size

    335KB

  • Sample

    250108-f6jfqaykhk

  • MD5

    c71e346c831750e3a7db9093679c3883

  • SHA1

    54300be41db3b5de2a367cdf559a3e4250c44fcd

  • SHA256

    fbd6bec54fb7f8ecf409fdf7b2bc4065d940ec4b93c5a485f4ec263702a6bcde

  • SHA512

    51ae7192aecd88b723b91deb377ef759ab076f98d9db360b746c9b64c685511530d14adca112d89cb9bd00398e0c1234a900829c624f7612c7dc54520429899d

  • SSDEEP

    6144:Lcm4FmowdHoSHt251UriZFwfsDX2UznsaFVNJCMKAbel5:R4wFHoSHYHUrAwfMp3CD3

Malware Config

Targets

    • Blackmoon family

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks