General

  • Target

    b8994bc0a5bef5a98eb88e27a4795fe3653e232742788348cf0693c0cbc98aca.exe

  • Size

    455KB

  • Sample

    250108-h66blasjhq

  • MD5

    d303d53e89b9dc18750207f05355fd61

  • SHA1

    0c36b04dcef3f836c37f9a8d2f432afa1e37cd14

  • SHA256

    b8994bc0a5bef5a98eb88e27a4795fe3653e232742788348cf0693c0cbc98aca

  • SHA512

    68fa61f864263a2c512d4bf0f50b40ee2fa36d9878e58098f96a26508b85606b7dec174d176603f05e2ba0d506178d51f0baeca2f46c884191f50ae65eff2710

  • SSDEEP

    6144:8cm7ImGddXmNt251UriZFwfsDX2UznsaFVNJCMKAbeTSB:q7Tc2NYHUrAwfMp3CDi

Targets

    • Target

      b8994bc0a5bef5a98eb88e27a4795fe3653e232742788348cf0693c0cbc98aca.exe

    • Blackmoon family

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
