General

  • Target

    9cbee4b3787f37704ecfbd9ca05a70fc5453de601826fa7e4e667abc0c4c58d9

  • Size

    455KB

  • Sample

    250108-fy2x4axrgk

  • MD5

    16b15460e17747a243e9c4a1ee5ce1d7

  • SHA1

    837062635ddfc52d613db9281692ab30b10cb405

  • SHA256

    9cbee4b3787f37704ecfbd9ca05a70fc5453de601826fa7e4e667abc0c4c58d9

  • SHA512

    808305711b663e42446ea134071e7940186b8ed01f0ecf89617cd4dc5dc5e31e28aeff77d9e57155e79033c02af04d3b319bc48d89a406b9f86fa3d5e2464c1f

  • SSDEEP

    6144:8cm7ImGddXmNt251UriZFwfsDX2UznsaFVNJCMKAbe0:q7Tc2NYHUrAwfMp3CD0

Malware Config

Targets

    • Blackmoon family

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks