General

  • Target

    4df5106471a8ca339042402d8a2d8ff71686661f576bc9404f674ba07b64e0bdN.exe

  • Size

    454KB

  • Sample

    250108-fzsqtaxrhm

  • MD5

    7b79faf8d52fe451ec49114992da6ec0

  • SHA1

    c10e0d2b5507d049305aa5892baa2da480b8b246

  • SHA256

    4df5106471a8ca339042402d8a2d8ff71686661f576bc9404f674ba07b64e0bd

  • SHA512

    a8f434eb18ae365c876b1c2137a36b6b11f4f27fe211cd3b7269b20e83278a85e1b045e7b5eec9f068af06809657a2f16a12083d78aa801150ceccbe536813e1

  • SSDEEP

    6144:8cm7ImGddXmNt251UriZFwfsDX2UznsaFVNJCMKAbe7:q7Tc2NYHUrAwfMp3CD7

Targets

    • Target

      4df5106471a8ca339042402d8a2d8ff71686661f576bc9404f674ba07b64e0bdN.exe

    • Blackmoon family

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
