General

  • Target

    1f77a6e57981d64395cf1dce3b1881cd198f47f01fc7bf13c4a572812310fe06.exe

  • Size

    454KB

  • Sample

    250108-h1l1rszjav

  • MD5

    3ac79e2af248cf49b6c11e25f7c1dbd3

  • SHA1

    94d4b8fa5be6deee40987970cba0f3f4bed18180

  • SHA256

    1f77a6e57981d64395cf1dce3b1881cd198f47f01fc7bf13c4a572812310fe06

  • SHA512

    95f2b7efe0eba2d28129d9e294ce3e9856e055ad42e9a8ee5b6a659af79dab8a06087427ec5d405415dfa4cc975241a2df22a0f97ff88e8e8dfacf60b4839f0e

  • SSDEEP

    6144:8cm7ImGddXmNt251UriZFwfsDX2UznsaFVNJCMKAbe4:q7Tc2NYHUrAwfMp3CD4

Targets

    • Blackmoon family

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
