General

  • Target

    0fd8c69187cc7095f286c7423339c040N.exe

  • Size

    67KB

  • Sample

    240825-m6a8ns1cpc

  • MD5

    0fd8c69187cc7095f286c7423339c040

  • SHA1

    8478b9b7edf5d3187bd6d49cb1a143c81c863fb8

  • SHA256

    3950c9f3a1a1323881693cc7219c987477cc53858c1ded958ceae81585c0bb90

  • SHA512

    edfa1ed87e042316fb8bce89d9b79faedea5335d54b8baa16e84df53065a5c81a29e742dab9b0458c99e44bcc59fb3c1056ceedc4046447b973f3671b609e48f

  • SSDEEP

    1536:9Q8hoOAesfYvcyjfS3H9yl8Q1pmdBcxedLxNDIsIoAcu:ymb3NkkiQ3mdBjFIsIVcu

Malware Config

Targets

    • Target

      0fd8c69187cc7095f286c7423339c040N.exe

    • Size

      67KB

    • MD5

      0fd8c69187cc7095f286c7423339c040

    • SHA1

      8478b9b7edf5d3187bd6d49cb1a143c81c863fb8

    • SHA256

      3950c9f3a1a1323881693cc7219c987477cc53858c1ded958ceae81585c0bb90

    • SHA512

      edfa1ed87e042316fb8bce89d9b79faedea5335d54b8baa16e84df53065a5c81a29e742dab9b0458c99e44bcc59fb3c1056ceedc4046447b973f3671b609e48f

    • SSDEEP

      1536:9Q8hoOAesfYvcyjfS3H9yl8Q1pmdBcxedLxNDIsIoAcu:ymb3NkkiQ3mdBjFIsIVcu

    • Blackmoon, KrBanker

      Blackmoon also known as KrBanker is banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks