General

  • Target

    9cd602a712bb1495714f29d3bb2dbc3f406cd061d0e9bb4df490ffeed8520afb

  • Size

    454KB

  • Sample

    250108-fzeh7axrgr

  • MD5

    5419fddb6941b9a56512deb764dcb61d

  • SHA1

    61a8c5045326252175d0a9a3969cc1180957c48c

  • SHA256

    9cd602a712bb1495714f29d3bb2dbc3f406cd061d0e9bb4df490ffeed8520afb

  • SHA512

    2292319a57cc024f263224aae6d73604195bc6d12de3d655d512aa62e02384adc9d21a230c9c40e2cc1b7fcb7dca6512a6a14477db1b0bf6cf1e178556eca66b

  • SSDEEP

    6144:8cm7ImGddXmNt251UriZFwfsDX2UznsaFVNJCMKAbe0:q7Tc2NYHUrAwfMp3CD0

Malware Config

Targets

    • Target

      9cd602a712bb1495714f29d3bb2dbc3f406cd061d0e9bb4df490ffeed8520afb

    • Size

      454KB

    • MD5

      5419fddb6941b9a56512deb764dcb61d

    • SHA1

      61a8c5045326252175d0a9a3969cc1180957c48c

    • SHA256

      9cd602a712bb1495714f29d3bb2dbc3f406cd061d0e9bb4df490ffeed8520afb

    • SHA512

      2292319a57cc024f263224aae6d73604195bc6d12de3d655d512aa62e02384adc9d21a230c9c40e2cc1b7fcb7dca6512a6a14477db1b0bf6cf1e178556eca66b

    • SSDEEP

      6144:8cm7ImGddXmNt251UriZFwfsDX2UznsaFVNJCMKAbe0:q7Tc2NYHUrAwfMp3CD0

    • Blackmoon family

    • Blackmoon, KrBanker

      Blackmoon also known as KrBanker is banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks