General

  • Target

    899777d98ceb0bb8da17ebad793f3e010953bbde5fbbc6bb2c4bac4be4193007.exe

  • Size

    332KB

  • Sample

    250108-e74ydawqhm

  • MD5

    485599b9df9ad994b84ce6c37b1e4834

  • SHA1

    2698146cb572e4ca720e882bbd12daf817f2d60c

  • SHA256

    899777d98ceb0bb8da17ebad793f3e010953bbde5fbbc6bb2c4bac4be4193007

  • SHA512

    83c338a741da3fb6d5dbc65eb0c80d8d3433b1e1f8518715f69e28aac5a307f0a3102b2196af587755b43a839ae246997ca7cb703f022b8710da3fa84abe5e3b

  • SSDEEP

    6144:Lcm4FmowdHoSHt251UriZFwfsDX2UznsaFVNJCMKAbec:R4wFHoSHYHUrAwfMp3CDc

Malware Config

Targets

    • Target

      899777d98ceb0bb8da17ebad793f3e010953bbde5fbbc6bb2c4bac4be4193007.exe

    • Size

      332KB

    • MD5

      485599b9df9ad994b84ce6c37b1e4834

    • SHA1

      2698146cb572e4ca720e882bbd12daf817f2d60c

    • SHA256

      899777d98ceb0bb8da17ebad793f3e010953bbde5fbbc6bb2c4bac4be4193007

    • SHA512

      83c338a741da3fb6d5dbc65eb0c80d8d3433b1e1f8518715f69e28aac5a307f0a3102b2196af587755b43a839ae246997ca7cb703f022b8710da3fa84abe5e3b

    • SSDEEP

      6144:Lcm4FmowdHoSHt251UriZFwfsDX2UznsaFVNJCMKAbec:R4wFHoSHYHUrAwfMp3CDc

    • Blackmoon family

    • Blackmoon, KrBanker

      Blackmoon also known as KrBanker is banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks