General

  • Target

    a6649cebd4f38845634941115648ca2f2a820fd1f274f7993c25a70fa97ca35a.exe

  • Size

    454KB

  • Sample

    250108-h3cvwa1rfq

  • MD5

    7274e150b5a85a41a35089bfa50cc790

  • SHA1

    1bad12e134c8fa99c5ebbdb0ad8ee67e38506485

  • SHA256

    a6649cebd4f38845634941115648ca2f2a820fd1f274f7993c25a70fa97ca35a

  • SHA512

    b7b9ba5dd8eb6d184dea0afd972c4d052a2dd1286e160207aa5692d31ad2913b027e980f3d43502236d33347d00e7531dc999c444e54866afb1503da64c07fab

  • SSDEEP

    6144:8cm7ImGddXmNt251UriZFwfsDX2UznsaFVNJCMKAbek:q7Tc2NYHUrAwfMp3CDk

Malware Config

Targets

    • Blackmoon family

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks