General

  • Target

    95615a9203a41175c99affc22e90c6bb480807922ce3eeecb97a1916ac996e91

  • Size

    455KB

  • Sample

    250108-femn3axkgj

  • MD5

    fdc701a419283cd2660c851677f83e23

  • SHA1

    e0e49c50abfe6add1f1a0eadcb90ede6f29a190d

  • SHA256

    95615a9203a41175c99affc22e90c6bb480807922ce3eeecb97a1916ac996e91

  • SHA512

    4a2768ace319a4a600890935633fc5f9b2d480bc7a3740288b045fd742d84272ec250cdd76076f3be6e8a070895f61cf0e5579755ca4c554f8588dc70bfd2f2a

  • SSDEEP

    6144:8cm7ImGddXmNt251UriZFwfsDX2UznsaFVNJCMKAbeb:q7Tc2NYHUrAwfMp3CDb

Targets

    • Blackmoon family

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
