General

  • Target

    0cf7e412c8377feeb74ef3b541044c70.exe

  • Size

    70KB

  • Sample

    240518-mtsbesff99

  • MD5

    0cf7e412c8377feeb74ef3b541044c70

  • SHA1

    eb44a35de2f0d0898c743d1af7b70cb76325339f

  • SHA256

    bb9fe7bf35fdb2b930882a5808494e4dd5ab65cf69a7948f86a11ac566bd0d56

  • SHA512

    1db1b8e73a70f60cd349ed0b4ec1e899de7c6ddc3bc0d14fb9cab8ae335095a25db1988270eca3aaac895d1101ecedb9e0be5195040bec0fd99b61b5939bbbd1

  • SSDEEP

    1536:9Q8hoOAesfYvcyjfS3H9yl8Q1pmdBcxedLxNDIgUVyiAnm5Y:ymb3NkkiQ3mdBjFIgUEx

Malware Config

Targets

    • Target

      0cf7e412c8377feeb74ef3b541044c70.exe

    • Size

      70KB

    • MD5

      0cf7e412c8377feeb74ef3b541044c70

    • SHA1

      eb44a35de2f0d0898c743d1af7b70cb76325339f

    • SHA256

      bb9fe7bf35fdb2b930882a5808494e4dd5ab65cf69a7948f86a11ac566bd0d56

    • SHA512

      1db1b8e73a70f60cd349ed0b4ec1e899de7c6ddc3bc0d14fb9cab8ae335095a25db1988270eca3aaac895d1101ecedb9e0be5195040bec0fd99b61b5939bbbd1

    • SSDEEP

      1536:9Q8hoOAesfYvcyjfS3H9yl8Q1pmdBcxedLxNDIgUVyiAnm5Y:ymb3NkkiQ3mdBjFIgUEx

    • Blackmoon, KrBanker

      Blackmoon also known as KrBanker is banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Matrix

Tasks