General

  • Target

    0cf63c16db9df8e350c9f4d38e8c6e60.exe

  • Size

    345KB

  • Sample

    240518-mtq4csff7w

  • MD5

    0cf63c16db9df8e350c9f4d38e8c6e60

  • SHA1

    530945e62bacc92e49c2ff56fd56f7b548d1d87e

  • SHA256

    fe495e595edd959bee47be9d85b7249f966ced90be8a5c58077fb9fb11d1bf7b

  • SHA512

    38dfa30b842b04a9304c39e251bb9f3b562440f08dcb3714b2bb857abc33b143c6952992e57c3b24d9802b33c0f557a5941c7d2a473dbc4e6c302e3373d0f532

  • SSDEEP

    6144:n3C9BRo/AIX2MUXownfWQkyCpxwJz9e0pQowLh3EhToK9cT085mnFhXjmnwJQyId:n3C9uDnUXoSWlnwJv90aKToFqwfIBT

Malware Config

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Matrix

Tasks