General

  • Target

    NEAS.ce2777060c1053e97ebf140d4ebba920.exe

  • Size

    78KB

  • Sample

    231022-v14a9sag67

  • MD5

    ce2777060c1053e97ebf140d4ebba920

  • SHA1

    ea6f265dbcd2cfe8748b2bb493ea1536a417d804

  • SHA256

    3736bb1c6250e5f286d7639ace2837596a9fe377c959e9ce0deef4bec5c38484

  • SHA512

    eabc418fafa0b45f4d0ae744f10f17ac9b3bc633715ecfdc2559444d90c531f9c4aa5ebbbabcdbf22322bc91f9ed1d99bb03855aabf3eaa26aa0d5a155abbdee

  • SSDEEP

    1536:9Q8hoOAesfYvcyjfS3H9yl8Q1pmdBcxedLxNDIjaQkPcy8WTeAwHSYqT:ymb3NkkiQ3mdBjFIpkPcy8qsHSHT

Targets

    • Target

      NEAS.ce2777060c1053e97ebf140d4ebba920.exe

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
