General

  • Target

    5a359b97c92f057dea213bcb939bef0cdea53dbd777659db8e02a6a2d8b498dc.exe

  • Size

    455KB

  • Sample

    250108-hqrhhayngs

  • MD5

    f9e55d5dcbbf756a4d601f54c1dc4bec

  • SHA1

    fe8717a1190ebbd2ecc7db0c0ae307d628317eb9

  • SHA256

    5a359b97c92f057dea213bcb939bef0cdea53dbd777659db8e02a6a2d8b498dc

  • SHA512

    42a778147d4c77ac57d8e488ae55e7b4f3a14d10e902ecf6b02b3ced5dbc99aba10a3d4cccc13c498e21ddff94f0f68c3ba1ac3f04e5bc7a90d642d95c8cf6d9

  • SSDEEP

    6144:8cm7ImGddXmNt251UriZFwfsDX2UznsaFVNJCMKAbei:q7Tc2NYHUrAwfMp3CDi

Malware Config

Targets

    • Target

      5a359b97c92f057dea213bcb939bef0cdea53dbd777659db8e02a6a2d8b498dc.exe

    • Size

      455KB

    • MD5

      f9e55d5dcbbf756a4d601f54c1dc4bec

    • SHA1

      fe8717a1190ebbd2ecc7db0c0ae307d628317eb9

    • SHA256

      5a359b97c92f057dea213bcb939bef0cdea53dbd777659db8e02a6a2d8b498dc

    • SHA512

      42a778147d4c77ac57d8e488ae55e7b4f3a14d10e902ecf6b02b3ced5dbc99aba10a3d4cccc13c498e21ddff94f0f68c3ba1ac3f04e5bc7a90d642d95c8cf6d9

    • SSDEEP

      6144:8cm7ImGddXmNt251UriZFwfsDX2UznsaFVNJCMKAbei:q7Tc2NYHUrAwfMp3CDi

    • Blackmoon family

    • Blackmoon, KrBanker

      Blackmoon also known as KrBanker is banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks