General

  • Target

    9527c4fe826afde4ff04a7aacc2a200e54d0af2895285f0a8b516bc65dd55f1c

  • Size

    454KB

  • Sample

    250108-fds5fsxkdn

  • MD5

    7788a9a673ccf5c347abe474acf389bf

  • SHA1

    5424734fb1147a9248c2d378a9bfe50fc4cdfd1e

  • SHA256

    9527c4fe826afde4ff04a7aacc2a200e54d0af2895285f0a8b516bc65dd55f1c

  • SHA512

    b91031078b6b33bab4122125ea29c9484a9e476c771c57cab0b4bff3050514b7e8bbf677151f1d2539e688f801795474f56f13d19b8c0b5aec00916bc344a359

  • SSDEEP

    6144:8cm7ImGddXmNt251UriZFwfsDX2UznsaFVNJCMKAbeL:q7Tc2NYHUrAwfMp3CDL

Targets

    • Target

      9527c4fe826afde4ff04a7aacc2a200e54d0af2895285f0a8b516bc65dd55f1c

    • Blackmoon family

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
