General

  • Target

    9b543fcfba409235d8bd64b10dad49cd6466cc3bcb50e9748695a62a50ec914f

  • Size

    454KB

  • Sample

    250108-fwjzhavrev

  • MD5

    a331994752e87a703e88ce65ada29a69

  • SHA1

    5256d7938ee422f4c26084e741958e9014d3bf6d

  • SHA256

    9b543fcfba409235d8bd64b10dad49cd6466cc3bcb50e9748695a62a50ec914f

  • SHA512

    2043b9dd5362dc75f35163a0c5828b6da59567d859a0a10829843d7110f0aac005f95108c73de832921b80b941b40472127a0062e65f275071e3ffa4e074a62f

  • SSDEEP

    6144:8cm7ImGddXmNt251UriZFwfsDX2UznsaFVNJCMKAbeD:q7Tc2NYHUrAwfMp3CDD

Malware Config

Targets

    • Target

      9b543fcfba409235d8bd64b10dad49cd6466cc3bcb50e9748695a62a50ec914f

    • Blackmoon family

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks