General

  • Target

    bfd04583ef2bfe6024e186e2155d35f933f7c117131aec75a16746feb22ff379

  • Size

    456KB

  • Sample

    250108-jcjq6sslfn

  • MD5

    64cf39043c649fcb11e32e277aaabc67

  • SHA1

    a1296103b288ed3cf90efae6e3300c2d3f6d8711

  • SHA256

    bfd04583ef2bfe6024e186e2155d35f933f7c117131aec75a16746feb22ff379

  • SHA512

    b733860546a9a7e2f98acf82363c4f6283e8a60e8c3170d482e3c647b9716f04013f417cc65c5c39eb7d185dae2d27975bf1c8f20617ae01e5736e76d5033656

  • SSDEEP

    6144:8cm7ImGddXmNt251UriZFwfsDX2UznsaFVNJCMKAbe9:q7Tc2NYHUrAwfMp3CD9

Malware Config

Targets

    • Blackmoon family

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks