General

  • Target

    9babe07ffae360eb0a49f9d649e882acd9d0c4d0631897a65445c74e4862997c

  • Size

    455KB

  • Sample

    250108-fvt33sxqgl

  • MD5

    549d76eb8281c25993ad4988f2551a66

  • SHA1

    a983ec8b246be0c2953801f09a3e15d361fe533d

  • SHA256

    9babe07ffae360eb0a49f9d649e882acd9d0c4d0631897a65445c74e4862997c

  • SHA512

    dc56251174c6515b9703c32bf0a95982ac7bbdc7de91999f3fc46108b161205c30b67359552454ace4a3b9e5964de5ce4f76e50cf005efb5344bed7a049444bf

  • SSDEEP

    6144:8cm7ImGddXmNt251UriZFwfsDX2UznsaFVNJCMKAbeIU:q7Tc2NYHUrAwfMp3CDIU

Targets

    • Blackmoon family

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
