General

  • Target

    d9e1d76d40bccbd1b460a21029643bca8bfbe9798beae0f08c138bcd7af693f4.exe

  • Size

    456KB

  • Sample

    250108-h6pnvasjgn

  • MD5

    ef09ba38d3b0b56618358100d8201a9b

  • SHA1

    6f33ed6529f7fbd1d1fc9941de5e608c33815539

  • SHA256

    d9e1d76d40bccbd1b460a21029643bca8bfbe9798beae0f08c138bcd7af693f4

  • SHA512

    fa1685bc9b1c8f85b4348f05058ee734c5e9c970bff03b4a9e7154a0a8cda04acf5a32c324be3196af7364f2125766973b96d7f78e83654ca4c58d753e5c3784

  • SSDEEP

    6144:8cm7ImGddXmNt251UriZFwfsDX2UznsaFVNJCMKAbeRy:q7Tc2NYHUrAwfMp3CDRy

Malware Config

Targets

    • Blackmoon family

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks