General

  • Target

    9b60b1515e9fc620faabf70b1a9156162ff598af0de00cb58adf75bb3518f46e

  • Size

    455KB

  • Sample

    250108-fw5afaxrbk

  • MD5

    e818dda6d1254cb17df8b40d30de5384

  • SHA1

    cc6e3aa70707b7fcd2d555c11a7fd98b67105f8d

  • SHA256

    9b60b1515e9fc620faabf70b1a9156162ff598af0de00cb58adf75bb3518f46e

  • SHA512

    5a1075c78cf6dd07996d49e31748dedeb25b16e2b24a027d1a0c193cafcf93f26edf28f7fb7b625b5d97eb7096e9307933b4da1dcca31d0e0ad43a576b64a177

  • SSDEEP

    6144:8cm7ImGddXmNt251UriZFwfsDX2UznsaFVNJCMKAbeT4:q7Tc2NYHUrAwfMp3CDk

Targets

    • Target

      9b60b1515e9fc620faabf70b1a9156162ff598af0de00cb58adf75bb3518f46e

    • Blackmoon family

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
