General

  • Target

    9cc50cddce9b8cc61187af7b637551d6027df152e300c69216102ef11e9e4b94N.exe

  • Size

    454KB

  • Sample

    250108-fxwdxsxrdl

  • MD5

    f735c82012ae110b191e26443d91a690

  • SHA1

    7974e7bd0349849ff7227573f509f7916e8d5297

  • SHA256

    9cc50cddce9b8cc61187af7b637551d6027df152e300c69216102ef11e9e4b94

  • SHA512

    4e6fdc55b158089a67482b07794d94ba98a62cf38928c99048419bfaaeb01ed0da04134c9bfb28e7884874a55136d7b64bf09fc0173e784d3044f795b88fd64b

  • SSDEEP

    6144:8cm7ImGddXmNt251UriZFwfsDX2UznsaFVNJCMKAben:q7Tc2NYHUrAwfMp3CDn

Targets

    • Blackmoon family

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified version of it.
