General

  • Target

    5076638e9aa543e55ba71018aebe900aaffa71a6e3dd55ebac3454d9ef445704.exe

  • Size

    454KB

  • Sample

    250108-h3qrqszjgy

  • MD5

    f586ee83258bf58dc0e8a2dddfd24ed8

  • SHA1

    a11cdfa5c58e6c97220c228d9d3cb5ca5f612baf

  • SHA256

    5076638e9aa543e55ba71018aebe900aaffa71a6e3dd55ebac3454d9ef445704

  • SHA512

    860cfce80fd989ad8318d7c31e64bf32feec7ac1916941233441dc90452980308a438a7730abf7eb33938d7da45c89760ccb7cebc17380f64693d90ac055e86f

  • SSDEEP

    6144:8cm7ImGddXmNt251UriZFwfsDX2UznsaFVNJCMKAbeET:q7Tc2NYHUrAwfMp3CD6

Targets

    • Blackmoon family

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
