General

  • Target

    4dbd80c8481330cf6d45c49bb4b201a4e5e903587fd94b893215e09726ba6cce.exe

  • Size

    75KB

  • Sample

    241124-hgnegsvkcp

  • MD5

    3b2cfa78ac01b81ef92a5aca15213f52

  • SHA1

    31a8050eaa5aa43c3cb9adab4e6ec3bbf5ea778d

  • SHA256

    4dbd80c8481330cf6d45c49bb4b201a4e5e903587fd94b893215e09726ba6cce

  • SHA512

    df725d212f9174c192b66510349d7cd663262b71b37dc523cb1dbdd16a0f6f62b8c4fc2aa9883f6003cbd226ca62b66f104013932a7b8be99483d9a708839136

  • SSDEEP

    1536:9Q8hoOAesfYvcyjfS3H9yl8Q1pmdBcxedLxNDIkpi+qiImgS5ih6:ymb3NkkiQ3mdBjFIj+qiImgS5ih6

Targets

    • Blackmoon family

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
