General

  • Target

    ec90002ad4969177af4621938351830f23ff5aae092d16ffbdb6e4208f254e8e.exe

  • Size

    454KB

  • Sample

    250108-fek58svlay

  • MD5

    c982d63accec4d9c71e53d9e2b0902b5

  • SHA1

    ca15d0bce276d87fda67923ab801c9f4514861d0

  • SHA256

    ec90002ad4969177af4621938351830f23ff5aae092d16ffbdb6e4208f254e8e

  • SHA512

    d5cc82b8710512724995d526af6cd126191005840a1cf59b2b9713bc1332f471a4f0ad2099c6be73f72970e3b34396ee05576c307b21090243c3cedfd9ab36dd

  • SSDEEP

    6144:8cm7ImGddXmNt251UriZFwfsDX2UznsaFVNJCMKAbe5:q7Tc2NYHUrAwfMp3CD5

Malware Config

Targets

    • Target

      ec90002ad4969177af4621938351830f23ff5aae092d16ffbdb6e4208f254e8e.exe

    • Size

      454KB

    • MD5

      c982d63accec4d9c71e53d9e2b0902b5

    • SHA1

      ca15d0bce276d87fda67923ab801c9f4514861d0

    • SHA256

      ec90002ad4969177af4621938351830f23ff5aae092d16ffbdb6e4208f254e8e

    • SHA512

      d5cc82b8710512724995d526af6cd126191005840a1cf59b2b9713bc1332f471a4f0ad2099c6be73f72970e3b34396ee05576c307b21090243c3cedfd9ab36dd

    • SSDEEP

      6144:8cm7ImGddXmNt251UriZFwfsDX2UznsaFVNJCMKAbe5:q7Tc2NYHUrAwfMp3CD5

    • Blackmoon family

    • Blackmoon, KrBanker

      Blackmoon also known as KrBanker is banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks