General

  • Target

    95a858ac946734ef966c50acb4e6d35aea21af2c1b91dd760e8ab386a43774e2

  • Size

    454KB

  • Sample

    250108-ffa2navlcx

  • MD5

    a1f6888376ca6522664764f93b702235

  • SHA1

    c3307743a3ee695869a08474f7ce0eb41cc76cc7

  • SHA256

    95a858ac946734ef966c50acb4e6d35aea21af2c1b91dd760e8ab386a43774e2

  • SHA512

    63eb5227999898a2c15d64d555c39bb8570efeb4a08d241ea64e6b3af6a73db7056e3838c7b903b91b166eb1a2532a0d914ab13ad00af6e442e8c53fe89fa998

  • SSDEEP

    6144:8cm7ImGddXmNt251UriZFwfsDX2UznsaFVNJCMKAbeIe:q7Tc2NYHUrAwfMp3CDf

Malware Config

Targets

    • Target

      95a858ac946734ef966c50acb4e6d35aea21af2c1b91dd760e8ab386a43774e2

    • Size

      454KB

    • MD5

      a1f6888376ca6522664764f93b702235

    • SHA1

      c3307743a3ee695869a08474f7ce0eb41cc76cc7

    • SHA256

      95a858ac946734ef966c50acb4e6d35aea21af2c1b91dd760e8ab386a43774e2

    • SHA512

      63eb5227999898a2c15d64d555c39bb8570efeb4a08d241ea64e6b3af6a73db7056e3838c7b903b91b166eb1a2532a0d914ab13ad00af6e442e8c53fe89fa998

    • SSDEEP

      6144:8cm7ImGddXmNt251UriZFwfsDX2UznsaFVNJCMKAbeIe:q7Tc2NYHUrAwfMp3CDf

    • Blackmoon family

    • Blackmoon, KrBanker

      Blackmoon also known as KrBanker is banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks