General

  • Target

    9503f5e125116b4b16ad8822c7bb2aa8b79a618d98dfb7ca60c0f8e720b7d5a9

  • Size

    455KB

  • Sample

    250108-fc1sxaxkam

  • MD5

    ce24793075b5d01782b7559f95b6979c

  • SHA1

    a279892adf8865df104a1718f9503ab868f81ec1

  • SHA256

    9503f5e125116b4b16ad8822c7bb2aa8b79a618d98dfb7ca60c0f8e720b7d5a9

  • SHA512

    e3cbde9d1daef9845f4502a64814becb1bd9cdd1887faa70fbf463305b0b19931140e1965558ea25a0e9701b4aa925df0b9fae5ab441085636db98aeb0087bdb

  • SSDEEP

    6144:8cm7ImGddXmNt251UriZFwfsDX2UznsaFVNJCMKAbeP:q7Tc2NYHUrAwfMp3CDP

Targets

    • Blackmoon family

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
