General

  • Target

    1091712bdd07053f131378c4050f6260.exe

  • Size

    60KB

  • Sample

    240518-m381jagc21

  • MD5

    1091712bdd07053f131378c4050f6260

  • SHA1

    f5f55a8dce2c847290a2b9fb767a9909af0ca472

  • SHA256

    42d6a13494d3437a13cb40ff90bbc5a151930e89da7227b048dbda23cfb8cc2d

  • SHA512

    d37394af3de84c1562859a5d1eea2ab5a3a11aeb13e922d7407c658aad669055b498e09a3e6bf2e922273c6485b56b3ec5483e44ebefba1f8d489ebd50c23960

  • SSDEEP

    1536:9Q8hoOAesfYvcyjfS3H9yl8Q1pmdBcxedLxNDI9L27l:ymb3NkkiQ3mdBjFI9W

Malware Config

Targets

    • Target

      1091712bdd07053f131378c4050f6260.exe

    • Size

      60KB

    • MD5

      1091712bdd07053f131378c4050f6260

    • SHA1

      f5f55a8dce2c847290a2b9fb767a9909af0ca472

    • SHA256

      42d6a13494d3437a13cb40ff90bbc5a151930e89da7227b048dbda23cfb8cc2d

    • SHA512

      d37394af3de84c1562859a5d1eea2ab5a3a11aeb13e922d7407c658aad669055b498e09a3e6bf2e922273c6485b56b3ec5483e44ebefba1f8d489ebd50c23960

    • SSDEEP

      1536:9Q8hoOAesfYvcyjfS3H9yl8Q1pmdBcxedLxNDI9L27l:ymb3NkkiQ3mdBjFI9W

    • Blackmoon, KrBanker

      Blackmoon also known as KrBanker is banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Matrix

Tasks