General

  • Target

    bd04590be07f0e2ce807bec273ec8ec74878e10d26472fd7693c685b38d4773fN.exe

  • Size

    454KB

  • Sample

    250108-ff3rnsxlbq

  • MD5

    f29e38fdaf0a48be2b2a32df64839e10

  • SHA1

    44cd4e193bb707acad0de91320b78fd5c3e5b5f3

  • SHA256

    bd04590be07f0e2ce807bec273ec8ec74878e10d26472fd7693c685b38d4773f

  • SHA512

    52f191dd78b54888227aa7b67cdf03c7e6b0c6095d351d3cce69ef228eaed0b8d0ea2e0670d58d4fcacc0dd5f7bbad1c3f34f869f0bff74008033aa04cd6cd82

  • SSDEEP

    6144:8cm7ImGddXmNt251UriZFwfsDX2UznsaFVNJCMKAbeR:q7Tc2NYHUrAwfMp3CDR

Targets

    • Blackmoon family

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
