General

  • Target

    NEAS.14ac9a10afb65d235851faebbb312b40_JC.exe

  • Size

    101KB

  • Sample

    231102-leelcaaa7s

  • MD5

    14ac9a10afb65d235851faebbb312b40

  • SHA1

    4d80874cd6e4f377f9dd3560ba46472e6231b9ac

  • SHA256

    fd971b110550cb22b8be4dda22a7125cf6dbae54611b4bbd606c81d2f10fca69

  • SHA512

    97cc1d225741a7daf7a0f229ecd771a7952c0c452a5c105d67c2cdbc0d01f326ad601d9adfa61f774212ba73602179ae122f6661e5fc1ef01e915299b8aa6b28

  • SSDEEP

    3072:ymb3NkkiQ3mdBjFo73tvn+Yp99zm+/KZBHql:n3C9BRo7tvnJ99T/KZEl

Malware Config

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Matrix

Tasks