General

  • Target

    29fbfe3a7e49219c0aeea998093e3b1b15915170794a7d33cbdad6290c81918fN.exe

  • Size

    453KB

  • Sample

    250108-h2zm9azjet

  • MD5

    a1116d6bfa61125560eaff75ac26caa0

  • SHA1

    f0cb409e123ad4c8d2942881d2b88dfaac46e842

  • SHA256

    29fbfe3a7e49219c0aeea998093e3b1b15915170794a7d33cbdad6290c81918f

  • SHA512

    3cbc69b08a451cdeae09bf71cdd989516036c9822419b7cd930d3d1dd5916e9102a501f97fb86b96405b25b931f7dfb1073b8019ea49fe3865ff04c55767cea3

  • SSDEEP

    6144:8cm7ImGddXmNt251UriZFwfsDX2UznsaFVNJCMKAbet:q7Tc2NYHUrAwfMp3CDt

Targets

    • Target

      29fbfe3a7e49219c0aeea998093e3b1b15915170794a7d33cbdad6290c81918fN.exe

    • Blackmoon family

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
