General

  • Target

    b31fc8c6a37ef08632e15ab95d6aef147d33cda3f29223469ed91e7c5a631f56

  • Size

    455KB

  • Sample

    250108-hpj22a1mfn

  • MD5

    1b509ffdf01c75b314d456a1f98e04c5

  • SHA1

    c6590b5bec953e3d9144d845b3fb9121f272c81b

  • SHA256

    b31fc8c6a37ef08632e15ab95d6aef147d33cda3f29223469ed91e7c5a631f56

  • SHA512

    8ac30948b0a639e8430d28cbe11b396ee00831e754a437794c29d3583fcbd0c0971e510b634d94ad9bd305080682fae5f9113e963db4da0d075c7d884ae10449

  • SSDEEP

    6144:8cm7ImGddXmNt251UriZFwfsDX2UznsaFVNJCMKAbeD:q7Tc2NYHUrAwfMp3CDD

Targets

    • Blackmoon family

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified version of it.
