General

  • Target

    c0b9a166155083f6fdb7b86d13dd03b568754fd4c55ccc03bcf0b8e97e29107b

  • Size

    454KB

  • Sample

    250108-jes3masmdl

  • MD5

    d5ad9ccfcee051f1fb8a244b31e85e67

  • SHA1

    b031d76d5a819a9613c9c57a62f9c04380454f30

  • SHA256

    c0b9a166155083f6fdb7b86d13dd03b568754fd4c55ccc03bcf0b8e97e29107b

  • SHA512

    11ec03cc9a9306d2c789942c3b3747d5698158e0b0aa02f920008e940669c72062f2b5a7fcbc4c8f4bdb53d9368d17c96f9c99820c713e0339a061a14aacde14

  • SSDEEP

    6144:8cm7ImGddXmNt251UriZFwfsDX2UznsaFVNJCMKAbe/:q7Tc2NYHUrAwfMp3CD/

Malware Config

Targets

    • Blackmoon family

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks