General

  • Target

    b99586c3fc6e0f48f064ac8a49ddc657ab932b3c9a7b71ff8e0ceecf9494a70a.exe

  • Size

    69KB

  • Sample

    241124-rhjx5azkak

  • MD5

    4a8039cf581bbec82ee1fd8d9743cc77

  • SHA1

    1cb69dd2513e70ae1f0644007ac9343e350df2da

  • SHA256

    b99586c3fc6e0f48f064ac8a49ddc657ab932b3c9a7b71ff8e0ceecf9494a70a

  • SHA512

    23b61816860e13ba4b573bce98cdfa21437d5b051547d43215ac154b32a37094c64aacbdde9881eefb6142da861c2f1b061c69143561ec68956d05beaba561f7

  • SSDEEP

    1536:9Q8hoOAesfYvcyjfS3H9yl8Q1pmdBcxedLxNDIsIoAch:ymb3NkkiQ3mdBjFIsIVch

Malware Config

Targets

    • Blackmoon family

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks