General

  • Target

    94ba957e4c0bf25565ce646c4a7061d0d46ae6c52dc0c462c5f9095f1be9a7d8

  • Size

    455KB

  • Sample

    250108-fb2zksvkbx

  • MD5

    017b7d73db858329a62c9b9d71228a39

  • SHA1

    2274b67915e9bb0504e7e8037f2b8ffa9fa8d162

  • SHA256

    94ba957e4c0bf25565ce646c4a7061d0d46ae6c52dc0c462c5f9095f1be9a7d8

  • SHA512

    d49d5b82665b1d0d36f311a276c14e5a2248358c31d86959d2b6ac33de73d574f6f5dd67697e16b2fab56db3533ddf7c8328e2f960b27bc428f7f25ab8f9c22b

  • SSDEEP

    6144:8cm7ImGddXmNt251UriZFwfsDX2UznsaFVNJCMKAbeq:q7Tc2NYHUrAwfMp3CDq

Targets

    • Blackmoon family

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
