General

  • Target

    94e98a0185e2c0003b8aac42e806a51ec6f2d45e816273a215dcbbed8e70cc0c

  • Size

    454KB

  • Sample

    250108-fcjvdsxjhj

  • MD5

    f1c17cce6ba6f1f0159f2be32f3a6318

  • SHA1

    e0c51e3e36ad24882383c01beece4b55878c5818

  • SHA256

    94e98a0185e2c0003b8aac42e806a51ec6f2d45e816273a215dcbbed8e70cc0c

  • SHA512

    e436f1f4dec1a45bb73ee6ac80a203726fd1051b27c7833580ef3a355a23bd4bb2bdfe37da04ba8c4384995f590d9dc4df9b59ade78ffeff895e13e634b8f7b2

  • SSDEEP

    6144:8cm7ImGddXmNt251UriZFwfsDX2UznsaFVNJCMKAbeL:q7Tc2NYHUrAwfMp3CDL

Targets

    • Target

      94e98a0185e2c0003b8aac42e806a51ec6f2d45e816273a215dcbbed8e70cc0c

    • Blackmoon family

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
