General

  • Target

    NEAS.589e1584af30751b3a04b8660f821bc0.exe

  • Size

    51KB

  • Sample

    231021-z62f3sdd5t

  • MD5

    589e1584af30751b3a04b8660f821bc0

  • SHA1

    d1b46320348d65a64057ab3fb20dd502f566cb7e

  • SHA256

    501377d03087523398f8e3dd5e9bed15c6ac7379970e1291cc5c781c6e64eab8

  • SHA512

    2e21af3c63e7c83bbe8717f80acb62365a33d2450f3f81252fdf11a31910751193a5173fc6edcc08a7df6a35df45e75d1264c5b7aad6fb6cc9f9d80424207c4a

  • SSDEEP

    1536:xvQBeOGtrYS3srx93UBWfwC6Ggnouy8q5W:xhOmTsF93UYfwC6GIoutq8

Targets

    • Target

      NEAS.589e1584af30751b3a04b8660f821bc0.exe

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
