General

  • Target

    c6e0e6fab16ca79792481ae95c2c791f831e95e6d75c15f735b0fca46efeeaa2.exe

  • Size

    455KB

  • Sample

    250108-h24l7s1rfm

  • MD5

    c7de27d34f447b9990638c79a1110733

  • SHA1

    da54e6920b39d407453a998b9ca69440144d0e2f

  • SHA256

    c6e0e6fab16ca79792481ae95c2c791f831e95e6d75c15f735b0fca46efeeaa2

  • SHA512

    fa70cd3508749e0bd4845fdfd5206236fc8226b04813426c4e2a3954dd3a90d44e652c7962a78c15c9e74bce9d5859d0392a38506b1a576f42decf94ca0fe2d9

  • SSDEEP

    6144:8cm7ImGddXmNt251UriZFwfsDX2UznsaFVNJCMKAbeT9:q7Tc2NYHUrAwfMp3CDZ

Targets

    • Target

      c6e0e6fab16ca79792481ae95c2c791f831e95e6d75c15f735b0fca46efeeaa2.exe

    • Blackmoon family

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
