General

  • Target

    94934c746a38b4adf05ca0a2cb3f5d7d9364e543c60f5537548b8b65c97ff122

  • Size

    336KB

  • Sample

    250108-fbd8hsvjgw

  • MD5

    aa50b25c93d96000a09cdf6ae76712d9

  • SHA1

    46edc9ada6a8060e62402b5ff4396f227c71ec8d

  • SHA256

    94934c746a38b4adf05ca0a2cb3f5d7d9364e543c60f5537548b8b65c97ff122

  • SHA512

    5c37d78df766a6a64da4a2590961c031b0bfb7e48da3389daae60f1dc7d4559897346f8c1e7a53e8206b89c5ea6959f6e2641ac8500b06d27e2b2d78c3d52943

  • SSDEEP

    6144:3cm7ImGddXsJdJIjaRleL42bL37BoTPkhu9gX5yGsTshQc8R0nxA5ij8+RC7tPhz:F7Tc8JdSjylh2b77BoTMA9gX59sTsuTD

Malware Config

Targets

    • Blackmoon family

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
