General

  • Target

    efb1119aadc2b3f574e9a708b1fb4fc3590861a8481d93d561d8719b60a57e8b.exe

  • Size

    454KB

  • Sample

    250108-h7gdvsskbj

  • MD5

    1c977ccb5393f8f5cff03b6ce0871d9f

  • SHA1

    bc0d6f2e5733d0192033a4a1a6f543443a5cf2b1

  • SHA256

    efb1119aadc2b3f574e9a708b1fb4fc3590861a8481d93d561d8719b60a57e8b

  • SHA512

    91fbe701f28ae8552ad002b1e2219708b451aeb3048d42346bb3b5edd10cd6c569004290c0a85396464dd9512054909bfadb40b428f6e7b5395686d0b82bce0b

  • SSDEEP

    6144:8cm7ImGddXmNt251UriZFwfsDX2UznsaFVNJCMKAbe83:q7Tc2NYHUrAwfMp3CD83

Malware Config

Targets

    • Blackmoon family

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks