General

  • Target

    9c8883a49d33bf673a0901bc28af674a63cf7d8d61d5b72d944dda80f301e6b6

  • Size

    454KB

  • Sample

    250108-fxpalsxrcq

  • MD5

    be94c5db95e7df9e19ff0f5ecc9ac0de

  • SHA1

    50021dec95af37bb21c82e7070415c7304d17ef8

  • SHA256

    9c8883a49d33bf673a0901bc28af674a63cf7d8d61d5b72d944dda80f301e6b6

  • SHA512

    2dce3e78a98ba810ebcd2f318d21dcd310831c78a128a224cb86517613ea0b52677e18d445a00fc277644e3f1c8a551dd9cb479190ee3d58385cf70763114b69

  • SSDEEP

    6144:8cm7ImGddXmNt251UriZFwfsDX2UznsaFVNJCMKAbep:q7Tc2NYHUrAwfMp3CDp

Malware Config

Targets

    • Target

      9c8883a49d33bf673a0901bc28af674a63cf7d8d61d5b72d944dda80f301e6b6

    • Size

      454KB

    • MD5

      be94c5db95e7df9e19ff0f5ecc9ac0de

    • SHA1

      50021dec95af37bb21c82e7070415c7304d17ef8

    • SHA256

      9c8883a49d33bf673a0901bc28af674a63cf7d8d61d5b72d944dda80f301e6b6

    • SHA512

      2dce3e78a98ba810ebcd2f318d21dcd310831c78a128a224cb86517613ea0b52677e18d445a00fc277644e3f1c8a551dd9cb479190ee3d58385cf70763114b69

    • SSDEEP

      6144:8cm7ImGddXmNt251UriZFwfsDX2UznsaFVNJCMKAbep:q7Tc2NYHUrAwfMp3CDp

    • Blackmoon family

    • Blackmoon, KrBanker

      Blackmoon also known as KrBanker is banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks