General

  • Target

    0e864b3d875aaaa7a882a1e469d152c0.exe

  • Size

    63KB

  • Sample

    240518-mx5qxsfh5s

  • MD5

    0e864b3d875aaaa7a882a1e469d152c0

  • SHA1

    518a3cc0cd9465b320fe6fdef885d579e7549ee1

  • SHA256

    c49b7c4776033fb00eb3d0d946440d20a0db3f29d2033147af5439cefd706390

  • SHA512

    608fb0e08f6d4464bf996088db6274b0c777000fa928cd0d9f9ff8f0c299f5599e2c166b8f2bfe805b4aae884f0c47239da53e286a987ff70476b1a72a1cf107

  • SSDEEP

    1536:9Q8hoOAesfYvcyjfS3H9yl8Q1pmdBcxedLxNDIFdJULh12s:ymb3NkkiQ3mdBjFIFdJm9

Malware Config

Targets

    • Target

      0e864b3d875aaaa7a882a1e469d152c0.exe

    • Size

      63KB

    • MD5

      0e864b3d875aaaa7a882a1e469d152c0

    • SHA1

      518a3cc0cd9465b320fe6fdef885d579e7549ee1

    • SHA256

      c49b7c4776033fb00eb3d0d946440d20a0db3f29d2033147af5439cefd706390

    • SHA512

      608fb0e08f6d4464bf996088db6274b0c777000fa928cd0d9f9ff8f0c299f5599e2c166b8f2bfe805b4aae884f0c47239da53e286a987ff70476b1a72a1cf107

    • SSDEEP

      1536:9Q8hoOAesfYvcyjfS3H9yl8Q1pmdBcxedLxNDIFdJULh12s:ymb3NkkiQ3mdBjFIFdJm9

    • Blackmoon, KrBanker

      Blackmoon also known as KrBanker is banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Matrix

Tasks