General

  • Target

    0f4b427b73865ee5069bd3d11778e770.exe

  • Size

    95KB

  • Sample

    240518-mz62rsga44

  • MD5

    0f4b427b73865ee5069bd3d11778e770

  • SHA1

    528c75a1f725282bc60762bc00616b2cbc08bd65

  • SHA256

    01bd10cd2b355fe9d0431d88168737a11d30d78ccd5221b3badc074cba71963b

  • SHA512

    53311e4c39a875ed64c9d4c11ed8d7a4eed982e8fcca7d2ad0af03638ea6a2883ded8214470c8e17a17fc9ed4e4dca1a26aa57af72ac49223d5d595c57d8dad1

  • SSDEEP

    1536:9Q8hoOAesfYvcyjfS3H9yl8Q1pmdBcxedLxNDIkpi+qP1hvZo66Ox4oq2SQwfTQT:ymb3NkkiQ3mdBjFIj+qNhvZuHQY0T

Targets

    • Target

      0f4b427b73865ee5069bd3d11778e770.exe

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
