General

  • Target

    0eaa3150007f6ae34d48194ae42d25d0.exe

  • Size

    460KB

  • Sample

    240518-myldnsfh6z

  • MD5

    0eaa3150007f6ae34d48194ae42d25d0

  • SHA1

    68ed7f6435ca8456173c89c9a9c7001b9c6a80e6

  • SHA256

    a4f0a2c2923683986910c735d31246b9b17bbb40a177e8f7cf922b8b591a73cd

  • SHA512

    118b0d46f0ff04f8a6b0b3db77dff7ad612cff6c220ba9aef4022038853aae38f6c157e08370ddcdb701b288e16190b1d96a4475a489dff2b22fe4cbe25bb7a0

  • SSDEEP

    6144:n3C9BRo7tvnJ9Fywhk/TJTaYvMmr3C9BRo7tvnJ9Fywhk/Tkuo:n3C9ytvn8whkbJTaFmr3C9ytvn8whkbI

Targets

    • Target

      0eaa3150007f6ae34d48194ae42d25d0.exe

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
