General

  • Target

    95f93a8890a7f8f47d7d7b212304a49346bfc4be8618e1f1c8fd37820aa874f8

  • Size

    454KB

  • Sample

    250108-ffzd9avlex

  • MD5

    627d8e03eb15b8663a8f06ced9d87e4b

  • SHA1

    f983764cdba8dde62760448e515242af0b66ac28

  • SHA256

    95f93a8890a7f8f47d7d7b212304a49346bfc4be8618e1f1c8fd37820aa874f8

  • SHA512

    5492b0afdda246c77f64e829d740537905a43e78cb8d808f1edebf0b0137593ad0f9f29855b6e25a3871390cd2242b78fac14eb7558360293baf5dfaa38ea804

  • SSDEEP

    6144:8cm7ImGddXmNt251UriZFwfsDX2UznsaFVNJCMKAbe6:q7Tc2NYHUrAwfMp3CD6

Targets

    • Blackmoon family

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
