General

  • Target

    bd143b3248dc12f6b84c91a7614b7e86f05fe03fcb950d9abc165d84eaa3f6ec.exe

  • Size

    454KB

  • Sample

    250108-fbtyzaxjfj

  • MD5

    c1294f1440d9a4d68d4e0f59d081793f

  • SHA1

    cbc60376663d984ca5ceec1d6f65bfb77899e8b3

  • SHA256

    bd143b3248dc12f6b84c91a7614b7e86f05fe03fcb950d9abc165d84eaa3f6ec

  • SHA512

    8e635f5a5ae9d6509e652d55a28748d0b1211513388235276eb0e0d9ae1682c9758630a5d450f1d5b83154feec5c725ba8ee40b95f2af2dc9b4b259749f80c40

  • SSDEEP

    6144:8cm7ImGddXmNt251UriZFwfsDX2UznsaFVNJCMKAbe1:q7Tc2NYHUrAwfMp3CD1

Targets

    • Blackmoon family

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
