General

  • Target

    e2678beceaa306f0c4139ab944aa085c10c57620861a9d8edb2a31c1bde92d60N.exe

  • Size

    455KB

  • Sample

    250108-f1sgfayjbn

  • MD5

    7b774297be3f974664f5306905173550

  • SHA1

    50e4c2a22610dc5c0f57478c3b51d5c1ae3f113f

  • SHA256

    e2678beceaa306f0c4139ab944aa085c10c57620861a9d8edb2a31c1bde92d60

  • SHA512

    5c26f1f54d8ca8dab0994399997486b22b680af612041ec65167cd22d75e7bf7dfcbc42df5e81649b94ab130db0e2080691fc9dbfeb0869df5955e77f9fc287f

  • SSDEEP

    6144:8cm7ImGddXmNt251UriZFwfsDX2UznsaFVNJCMKAbed:q7Tc2NYHUrAwfMp3CDd

Targets

    • Target

      e2678beceaa306f0c4139ab944aa085c10c57620861a9d8edb2a31c1bde92d60N.exe

    • Blackmoon family

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
