General

  • Target

    NEAS.e385293cc23e7d21148f41cafc49ada0.exe

  • Size

    125KB

  • Sample

    231102-vc31labf2z

  • MD5

    e385293cc23e7d21148f41cafc49ada0

  • SHA1

    6263701d4ca3db844cd4edaead1752fa93447cce

  • SHA256

    91bf29a1ea06f4dcda99c32711ee80dba8a304e4ea69ff89338c63901e3cca18

  • SHA512

    9db537f54f0474d48da75fa70c68dbfc59878e54e2c699d7c75de35832aba22d874310175d03f15d7ea4d40a1f741dbc85e96a051a9fbdbb0b23485af5fc0e4d

  • SSDEEP

    3072:ymb3NkkiQ3mdBjFo7LAIRUohDLSULrCimBaH8UH304Fna:n3C9BRo/AIuunSppaH8m3ps

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with the UPX open-source packer or a modified version of it.
