General

  • Target

    18fea17f96edc4f9f8c3f60a2b2c76ca8da348c7192b7219315a85a5db516b65.exe

  • Size

    335KB

  • Sample

    250108-ht31ps1pbr

  • MD5

    4fea0d294f449bda407a30e95ef99059

  • SHA1

    e1dca4a6d1cbf33b315444bd425d5ebb763ff347

  • SHA256

    18fea17f96edc4f9f8c3f60a2b2c76ca8da348c7192b7219315a85a5db516b65

  • SHA512

    cbf0dd97b40685b896477a1c2a64c48080131e7fe9ade8ec398668531e52fac3849b6e0596941f94b09e7d0b283b01bae3ff6bb76c6622d9f5764b0e01032f70

  • SSDEEP

    6144:Lcm4FmowdHoSHt251UriZFwfsDX2UznsaFVNJCMKAbeRlh:R4wFHoSHYHUrAwfMp3CDR3

Malware Config

Targets

    • Blackmoon family

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX or a modified version of the open-source UPX packer.

MITRE ATT&CK Enterprise v15

Tasks