General

  • Target

    c16b31d3c646ed8978f7af83340ff2a0779b653585ccd5b535114883632b3985

  • Size

    455KB

  • Sample

    250108-jf93jasnak

  • MD5

    9517cd45110a99aacbe4ecb7b474b3b6

  • SHA1

    296de4475495f8bc8281c800129b511517f2140f

  • SHA256

    c16b31d3c646ed8978f7af83340ff2a0779b653585ccd5b535114883632b3985

  • SHA512

    61247fcd020a157a8723cdfb9a71935ffbd91082f8d5a560bf90598129853b820ea8c028c058f3abc00b3dedc63da170607e65540dc38812f30adfac24776c25

  • SSDEEP

    6144:8cm7ImGddXmNt251UriZFwfsDX2UznsaFVNJCMKAbem:q7Tc2NYHUrAwfMp3CDm

Malware Config

Targets

    • Blackmoon family

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
