General

  • Target

    238ca018f2dd01fc4f978963663373a0N.exe

  • Size

    720KB

  • Sample

    240825-lvbvdsxgjb

  • MD5

    238ca018f2dd01fc4f978963663373a0

  • SHA1

    bd98699b75d9d90b39cb17644d7f9e60f07cb066

  • SHA256

    a03ba220562499e8e61711daf3f74c9360def996abb499923c0f764d6888baab

  • SHA512

    ccd2a005c769985f30e93060237c845807bbf62574976d639168aa617123cc19dc0d06950f8813f7009138f7d3173e4ade0d8f10c349cb6709e52f500266da04

  • SSDEEP

    12288:n3C9yMCxqYL5oeEF5rna9sUxg7udOxPJVSjYg8lcmJ1MZxEkTsxPJp6aasUdlH7Z:Sg5qYLS7w44

Targets

    • Target

      238ca018f2dd01fc4f978963663373a0N.exe

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
