General

  • Target

    2ff36f1962eaf73bb5b6445544e1aa968668afcacb811367b955217e4fc9ad17.exe

  • Size

    455KB

  • Sample

    250108-fe873avlcw

  • MD5

    b1f3cc4bfee424c3335b095b8c8d5504

  • SHA1

    2aef00aee75abe127c2641af702f5a704a96c3b4

  • SHA256

    2ff36f1962eaf73bb5b6445544e1aa968668afcacb811367b955217e4fc9ad17

  • SHA512

    50ade3a2af3828f22e1d4f5ce8ac0e12365a845183f27eb36858f64061bcf2f1b6da89dbb58ba82be59ef7c1b5cc8067526116152e486cc0ac2b9fc999d923a8

  • SSDEEP

    6144:8cm7ImGddXmNt251UriZFwfsDX2UznsaFVNJCMKAbeV:q7Tc2NYHUrAwfMp3CDV

Malware Config

Targets

    • Target

      2ff36f1962eaf73bb5b6445544e1aa968668afcacb811367b955217e4fc9ad17.exe

    • Size

      455KB

    • MD5

      b1f3cc4bfee424c3335b095b8c8d5504

    • SHA1

      2aef00aee75abe127c2641af702f5a704a96c3b4

    • SHA256

      2ff36f1962eaf73bb5b6445544e1aa968668afcacb811367b955217e4fc9ad17

    • SHA512

      50ade3a2af3828f22e1d4f5ce8ac0e12365a845183f27eb36858f64061bcf2f1b6da89dbb58ba82be59ef7c1b5cc8067526116152e486cc0ac2b9fc999d923a8

    • SSDEEP

      6144:8cm7ImGddXmNt251UriZFwfsDX2UznsaFVNJCMKAbeV:q7Tc2NYHUrAwfMp3CDV

    • Blackmoon family

    • Blackmoon, KrBanker

      Blackmoon also known as KrBanker is banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks