General

  • Target

    08227424a205ee668d87c340d3809880.exe

  • Size

    587KB

  • Sample

    240518-mhcrlafa5s

  • MD5

    08227424a205ee668d87c340d3809880

  • SHA1

    55cb1c8058b9111d815ee0a6f5a7fff99408641b

  • SHA256

    0931d3d8c1b164e03910846840e9402a4dd524d6bca9c1183b4e4b8b0818edf0

  • SHA512

    dfdb4bc2ca21b75f141d0eaa5da4ccf4e937789b2802a1468a0a579b9288fd39f8dbe15adacda38dc862fded91c3edb1de503bfab2b0bf0251c8918c472c7258

  • SSDEEP

    6144:n3C9BRIj+ebjcSbcY+CaQdaFOY4iGFYtRdzzoyYxJAyfgayi:n3C9Lebz+xt4vFeFmgayi

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
