General

  • Target

    NEAS.b5c68ff97c6d0c5065d7e3c736c2cd60_JC.exe

  • Size

    357KB

  • Sample

    231104-ymmm5sgb25

  • MD5

    b5c68ff97c6d0c5065d7e3c736c2cd60

  • SHA1

    8368d95e640ed4932a5d2a36ea3e5d82abf42271

  • SHA256

    1622e5e8320f053169c5e0ef42da27eefb1a7b3c2882aa9da53438945842868e

  • SHA512

    d70deb526c5587d8196563e9b0cd5b711b7fec4e4024a27f6433295ac044e669230610c82ff5dde3ff5c3b7693649a6ef2d517f568d33ca71fe61745da041c55

  • SSDEEP

    6144:n3C9BRo7tvnJ9oH0IRgZvjD8296gnzeZhBu0:n3C9ytvngQj429nnzeZhBP

Targets

    • Target

      NEAS.b5c68ff97c6d0c5065d7e3c736c2cd60_JC.exe

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
