General

  • Target

    NEAS.3f4bbfa5810221964d204a0c6294e100_JC.exe

  • Size

    118KB

  • Sample

    231022-rjwcjsbc98

  • MD5

    3f4bbfa5810221964d204a0c6294e100

  • SHA1

    466bec32e0ca0f86ef71ede41aa984efbe7fbd9d

  • SHA256

    152c3ad1e7a2dbd1992eb1685b48ddd75e7ffbdf9849d3cd9edf9247375b730b

  • SHA512

    12b670bf47e15832d726c9822102e24b888d8362a0d60cf9b54a223b44adf0b7388683556da6afc2b1881e69db981d4dd3aa2ed1c9c0f8db92b99e112dded227

  • SSDEEP

    3072:ymb3NkkiQ3mdBjFo73tvn+Yp9X2OXlj4Fdp:n3C9BRo7tvnJ9GFFdp

Targets

    • Target

      NEAS.3f4bbfa5810221964d204a0c6294e100_JC.exe

    • Size

      118KB

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
