General

  • Target

    NEAS.1aef6fc534094b2c439ffb6d1cec2ac0.exe

  • Size

    644KB

  • Sample

    231102-t61lwshf27

  • MD5

    1aef6fc534094b2c439ffb6d1cec2ac0

  • SHA1

    35d0d9fda2288fe72ba0a1363e6353df27e90882

  • SHA256

    a6ed0b53f7a849858cd0abb9f3f6369102868b6dcb5919afc7a0b3b8a36bf0cd

  • SHA512

    5a8d1b657de43641a3f17adc16b86e71bddc5ea3636e3094cb20561689691fc35db6a5eff41128ee9ab0ea0cc6b0a54201ba52249acec3269891bed8e2cbd8f8

  • SSDEEP

    12288:n3C9yMo+S0L9xRnoq7H9xqYL5oeEF5rna9sUxg7udOxPJVSjYg8lcmJ1MZxEkTsz:SgD4bhoqLDqYLS7w2

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified version of it.
