General

  • Target

    NEAS.ba29970443e0608cc1be77cbffb4f3b0.exe

  • Size

    90KB

  • Sample

    231101-rmgnkagh22

  • MD5

    ba29970443e0608cc1be77cbffb4f3b0

  • SHA1

    ad7bc751ee302e6bc4f25b3b48634d38ee4290ec

  • SHA256

    fc3cbb8c19de110d9055a0190ae32f4bd2938eee0ea68494dbfa53476cb77f37

  • SHA512

    b32d2691351a9e42f87bce26e22caac582404f117fa4b6c1caa99b7eccab878cdbad6c0e64e0570620dd7a86d52cf39f30dbf9df4e81c58021c58a5ba4bb1070

  • SSDEEP

    1536:/vQBeOGtrYS3srx93UBWfwC6Ggnouy8jb5D1QWm7JT4ht:/hOmTsF93UYfwC6GIout4Wy4r

Targets

    • Target

      NEAS.ba29970443e0608cc1be77cbffb4f3b0.exe

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified version of it.
