General

  • Target

    bf8bc193fb1abd9a58749902bbaad6f2a21d497ad6811a1e70ca28c9d6ca892c

  • Size

    456KB

  • Sample

    250108-jfss9azpb1

  • MD5

    1275ac8c581a0c7b5144340f4c05df69

  • SHA1

    da9f1de28ae1eebc93d597b16973d99ba395ca9a

  • SHA256

    bf8bc193fb1abd9a58749902bbaad6f2a21d497ad6811a1e70ca28c9d6ca892c

  • SHA512

    8a249fae4020eff9514b4bca0a42edb24a18cc2c0e1a81078c40daf7580bd254f1139f75eb51fc4465c359e730d54a768f85b09194a3c2933dc15fa8711d34d8

  • SSDEEP

    6144:8cm7ImGddXmNt251UriZFwfsDX2UznsaFVNJCMKAbeR6:q7Tc2NYHUrAwfMp3CDR6

Targets

    • Blackmoon family

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with the UPX or a modified UPX open-source packer.
