General

  • Target

    998c61dcd8a4736dc5309e0a618e3f24e04205711f02133e7765910c826c6d31

  • Size

    455KB

  • Sample

    250108-fw5afaxrbl

  • MD5

    bcd0f66fa1c1e3f79613b76df340bacc

  • SHA1

    707fae71aa8138faa299a140e6962175c7524018

  • SHA256

    998c61dcd8a4736dc5309e0a618e3f24e04205711f02133e7765910c826c6d31

  • SHA512

    dd636eecf5e6047e601d5a981b231916191efd9478789f4bd45a40487780efe85699b47a44589ba1c7b6bef6e5dcda221e878886758e968d4a43d83123db4591

  • SSDEEP

    6144:8cm7ImGddXmNt251UriZFwfsDX2UznsaFVNJCMKAbed:q7Tc2NYHUrAwfMp3CDd

Malware Config

Targets

    • Target

      998c61dcd8a4736dc5309e0a618e3f24e04205711f02133e7765910c826c6d31

    • Size

      455KB

    • MD5

      bcd0f66fa1c1e3f79613b76df340bacc

    • SHA1

      707fae71aa8138faa299a140e6962175c7524018

    • SHA256

      998c61dcd8a4736dc5309e0a618e3f24e04205711f02133e7765910c826c6d31

    • SHA512

      dd636eecf5e6047e601d5a981b231916191efd9478789f4bd45a40487780efe85699b47a44589ba1c7b6bef6e5dcda221e878886758e968d4a43d83123db4591

    • SSDEEP

      6144:8cm7ImGddXmNt251UriZFwfsDX2UznsaFVNJCMKAbed:q7Tc2NYHUrAwfMp3CDd

    • Blackmoon family

    • Blackmoon, KrBanker

      Blackmoon also known as KrBanker is banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks