General

  • Target

    29d7f2e571c55edfb353373791c5be3bfd59e4be0c8bf31ab7edce0de2251b57.exe

  • Size

    333KB

  • Sample

    250108-fy6laaxrgn

  • MD5

    af82baab253f4670f4e5fcc17c08c187

  • SHA1

    49c5ea655b3e0d2221a75bff9637210edc133b3d

  • SHA256

    29d7f2e571c55edfb353373791c5be3bfd59e4be0c8bf31ab7edce0de2251b57

  • SHA512

    d731aa7bdde5074ddeee26f2eacaa19f5491faef5e1832988727605272496aed59cea26e8c7da58c026973381218cbd8d4974f2eb10306c1ccb2b201b14e8fca

  • SSDEEP

    6144:Lcm4FmowdHoSHt251UriZFwfsDX2UznsaFVNJCMKAbeC:R4wFHoSHYHUrAwfMp3CDC

Malware Config

Targets

    • Target

      29d7f2e571c55edfb353373791c5be3bfd59e4be0c8bf31ab7edce0de2251b57.exe

    • Size

      333KB

    • MD5

      af82baab253f4670f4e5fcc17c08c187

    • SHA1

      49c5ea655b3e0d2221a75bff9637210edc133b3d

    • SHA256

      29d7f2e571c55edfb353373791c5be3bfd59e4be0c8bf31ab7edce0de2251b57

    • SHA512

      d731aa7bdde5074ddeee26f2eacaa19f5491faef5e1832988727605272496aed59cea26e8c7da58c026973381218cbd8d4974f2eb10306c1ccb2b201b14e8fca

    • SSDEEP

      6144:Lcm4FmowdHoSHt251UriZFwfsDX2UznsaFVNJCMKAbeC:R4wFHoSHYHUrAwfMp3CDC

    • Blackmoon family

    • Blackmoon, KrBanker

      Blackmoon also known as KrBanker is banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks