General

  • Target

    955db8cc80e6ec138d577681a36045631db86c7a2d751b2110c4113c8c4929b4

  • Size

    333KB

  • Sample

    250108-feaphaxkfm

  • MD5

    af5dd4a22905b691573b8336d067e257

  • SHA1

    88565884ff2c487405e604ab91092097a8958c33

  • SHA256

    955db8cc80e6ec138d577681a36045631db86c7a2d751b2110c4113c8c4929b4

  • SHA512

    00b137fdd837274e6de7c294abdb81a4fc6458d649c0043a2235e7dae4cdef715fc3104ba5de027c615af7ca5ee15899e0bf0a3af420afad7c9e246991f6884d

  • SSDEEP

    6144:Lcm4FmowdHoSHt251UriZFwfsDX2UznsaFVNJCMKAbeq:R4wFHoSHYHUrAwfMp3CDq

Malware Config

Targets

    • Blackmoon family

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks