General

  • Target

    94a5f7028c88bfff5b6474e95da892765158500d19a22bd65e4a818d91cc4368

  • Size

    454KB

  • Sample

    250108-fblmlaxjek

  • MD5

    590e9d1fb3a344509beb2afe787ebc49

  • SHA1

    e2038d66f67f03fa05ce977e408ff7583a4cb1f6

  • SHA256

    94a5f7028c88bfff5b6474e95da892765158500d19a22bd65e4a818d91cc4368

  • SHA512

    db7fa11e7b4a3f275cf16f061bd0aa671df5b66b0a49b98744e6c1811f1ce6bb5c9097923b430b657efefe82f1ce063081723adcd958ae26c47f70aaa1d5d303

  • SSDEEP

    6144:8cm7ImGddXmNt251UriZFwfsDX2UznsaFVNJCMKAbe3:q7Tc2NYHUrAwfMp3CD3

Malware Config

Targets

    • Blackmoon family

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified version of it.

MITRE ATT&CK Enterprise v15

Tasks