General

  • Target

    6b1fcc7854550f44f1d597aff822fff1d599a20feb4179386198dbada4673fcaN.exe

  • Size

    455KB

  • Sample

    250108-fttqxsvqhv

  • MD5

    b5dde69e1b031a451c21be541e88f940

  • SHA1

    2fb3d17a6e4a26f576d73bb973ca1710ba91564d

  • SHA256

    6b1fcc7854550f44f1d597aff822fff1d599a20feb4179386198dbada4673fca

  • SHA512

    386e98156280c3b619bf0e2c4cc4016cc3e094bd400ce6d3665b70b9a8c105dc44e3171c221050b532c52d68d77da72aef70e5eecfde029f4a39ab3440a6e223

  • SSDEEP

    6144:8cm7ImGddXmNt251UriZFwfsDX2UznsaFVNJCMKAbeT6:q7Tc2NYHUrAwfMp3CD+

Targets

    • Blackmoon family

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

Tasks