General

  • Target

    NEAS.02fc29946a7a5b6dbfc932f9651fd610_JC.exe

  • Size

    159KB

  • Sample

    231103-b23lksab5y

  • MD5

    02fc29946a7a5b6dbfc932f9651fd610

  • SHA1

    d2936a5ac22a119532436f4e8ccb23f659deedc6

  • SHA256

    657795f3256db837c6d282877101128635713124d89dd09b94dfb13e7088bb19

  • SHA512

    a9c02275bacbd48c340e8daeb8905ef4b9f559eb7e894a62ba754a68c56f7d324d6fa2ff15d9cb3ba9f1a51784b653abe11ebc01dc529f046b8ba1ae586606d7

  • SSDEEP

    3072:ymb3NkkiQ3mdBjFo73HUoMsAbrFcFisXqOi8yzr:n3C9BRo7HCsAbhEXqOiVzr

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
