General

  • Target

    9bab603b4938e9d1883e791dba3b3d24bf2746b72cb9e5542b47f8e51a092f9f

  • Size

    454KB

  • Sample

    250108-fvg4hsvrbv

  • MD5

    7b693bfbe60504e0e4b2ee02862e2c05

  • SHA1

    a298c0492150d69b57e3634a8fee2c63a471f82f

  • SHA256

    9bab603b4938e9d1883e791dba3b3d24bf2746b72cb9e5542b47f8e51a092f9f

  • SHA512

    96002e7082363e29c13ff00055ea85a7dde01cc4a03ccd73ef3bdaa678df08c9708f63a9f54acc768cfb461f8623a377c7840b5639a3ef9ba2ffe57369251369

  • SSDEEP

    6144:8cm7ImGddXmNt251UriZFwfsDX2UznsaFVNJCMKAbet9:q7Tc2NYHUrAwfMp3CDt9

Targets

    • Blackmoon family

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
