General

  • Target

    4cd2e5464efbbb7035703d387e292155b6371c13454a3e8f4be48d5d5588ee28N.exe

  • Size

    454KB

  • Sample

    250108-hp2bbaynev

  • MD5

    93331e0a7d48dc082093989a74472500

  • SHA1

    deb771c3c8c5b6f8fc52e504df3e23d8f9377947

  • SHA256

    4cd2e5464efbbb7035703d387e292155b6371c13454a3e8f4be48d5d5588ee28

  • SHA512

    fe414abaa0b784cd38ce5bf307d4aa9a6ecee577f6b2756ca42fadddc9074680b1c9597fdd1c68a22f2b3b512d3d668ae14e9b8f756338697b6d7510e596a1bf

  • SSDEEP

    6144:8cm7ImGddXmNt251UriZFwfsDX2UznsaFVNJCMKAbe6:q7Tc2NYHUrAwfMp3CD6

Malware Config

Targets

    • Blackmoon family

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks