General

  • Target

    03cb6a1f9ea8b8a39064a9bdc23a8a4defb4c589b793852c2e79b451c70abefe.exe

  • Size

    456KB

  • Sample

    250108-fat8caxjbm

  • MD5

    514d70eacb70d48ebeb6dede61b5c1d6

  • SHA1

    fc7f7aae81c0b9c721a33f2f37ae9c7cfe942f98

  • SHA256

    03cb6a1f9ea8b8a39064a9bdc23a8a4defb4c589b793852c2e79b451c70abefe

  • SHA512

    f874f0ef977b37bd59079d92deb2dc9afc01b71f0d0526cbefd5a959aec8148c7944075e9c8b632cfbeaa7c0b95eef6a9479b7270d2a5c263f79c5b7539144ca

  • SSDEEP

    6144:8cm7ImGddXmNt251UriZFwfsDX2UznsaFVNJCMKAbes:q7Tc2NYHUrAwfMp3CDs

Targets

    • Blackmoon family

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
