General

  • Target

    9bf93f87b40fb8f36c715dcd53af282867d6f96e797c5798f4befbec72b38ba2

  • Size

    454KB

  • Sample

    250108-fwthyavre1

  • MD5

    1aad2e6eda19438a6035cf33448d642a

  • SHA1

    94d1b59f2bcdfbb399d4e91fe8dc0ab90b4f2e74

  • SHA256

    9bf93f87b40fb8f36c715dcd53af282867d6f96e797c5798f4befbec72b38ba2

  • SHA512

    503b2e6704b49e72b1431e1d7b63d0927abbdfe67b3f8abc60d37d8c314445c073f7322bed5172b64c1396c294196fa28a2283a0e794b151e36d5fe06256122d

  • SSDEEP

    6144:8cm7ImGddXmNt251UriZFwfsDX2UznsaFVNJCMKAbeJ:q7Tc2NYHUrAwfMp3CDJ

Malware Config

Targets

    • Target

      9bf93f87b40fb8f36c715dcd53af282867d6f96e797c5798f4befbec72b38ba2

    • Size

      454KB

    • MD5

      1aad2e6eda19438a6035cf33448d642a

    • SHA1

      94d1b59f2bcdfbb399d4e91fe8dc0ab90b4f2e74

    • SHA256

      9bf93f87b40fb8f36c715dcd53af282867d6f96e797c5798f4befbec72b38ba2

    • SHA512

      503b2e6704b49e72b1431e1d7b63d0927abbdfe67b3f8abc60d37d8c314445c073f7322bed5172b64c1396c294196fa28a2283a0e794b151e36d5fe06256122d

    • SSDEEP

      6144:8cm7ImGddXmNt251UriZFwfsDX2UznsaFVNJCMKAbeJ:q7Tc2NYHUrAwfMp3CDJ

    • Blackmoon family

    • Blackmoon, KrBanker

      Blackmoon also known as KrBanker is banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks