General

  • Target

    962af588eac518b384348efc1049f00ad157e484f46c7dc8ab3dec78b4dc147c

  • Size

    455KB

  • Sample

    250108-fgpansvlgx

  • MD5

    bc3e06ce5813b5b99c01c6e5a7b4f926

  • SHA1

    b0db142929ddeebb7e911cba9065babb227a5c05

  • SHA256

    962af588eac518b384348efc1049f00ad157e484f46c7dc8ab3dec78b4dc147c

  • SHA512

    2807d6853db67465a34deb618c87d4e622288f677726a12343301958b49339f9a8dbaa906dbec079617880f7043bd5e743adedd9407eefe5a7f155382b75c9c6

  • SSDEEP

    6144:8cm7ImGddXmNt251UriZFwfsDX2UznsaFVNJCMKAbeTp:q7Tc2NYHUrAwfMp3CD1

Targets

    • Blackmoon family

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified version of it.
