General

  • Target

    NEAS.f46bfa70f323beedfce277709ba47a00.exe

  • Size

    113KB

  • Sample

    231101-rqwxnahe5v

  • MD5

    f46bfa70f323beedfce277709ba47a00

  • SHA1

    2e68a99809d8096c1dde48cd537ddc400e141593

  • SHA256

    f553ad3608302c0f5a09da4909ade1603fd6828fd0869c4ae07995bd46951576

  • SHA512

    2280f7a8576c7e1f888d6c5706a49aa3c3e78436cd238accee95525974f7cef8793721b1242d22cf41958c6e1c6bbf2d2f60662a480b07487d2ad02a9b300484

  • SSDEEP

    3072:ymb3NkkiQ3mdBjFo73tvn+Yp9SRcIjPFPbYNaMt:n3C9BRo7tvnJ9qxb4aM

Targets

    • Target

      NEAS.f46bfa70f323beedfce277709ba47a00.exe

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
