General

  • Target

    610c2e953f61adc6782b5771e9e633ac801deaa42e94fe690c9ab68bcdf3452e.exe

  • Size

    454KB

  • Sample

    250108-ht6ftsyqaz

  • MD5

    736651e206330b5bb6a0d3ed50e01d95

  • SHA1

    70e6e988c190897fd64fc9e1ccf7ec0ef659dc09

  • SHA256

    610c2e953f61adc6782b5771e9e633ac801deaa42e94fe690c9ab68bcdf3452e

  • SHA512

    5f29987bc9c0947c86fe3d6c6be95a4e63b7ba80a0648c22d8566b11018e662253acc483aeac1e3c3e1f29ded744aa0fda69d81f6663a8552bce446aa9868eff

  • SSDEEP

    6144:8cm7ImGddXmNt251UriZFwfsDX2UznsaFVNJCMKAbei:q7Tc2NYHUrAwfMp3CDi

Malware Config

Targets

    • Target

      610c2e953f61adc6782b5771e9e633ac801deaa42e94fe690c9ab68bcdf3452e.exe

    • Size

      454KB

    • MD5

      736651e206330b5bb6a0d3ed50e01d95

    • SHA1

      70e6e988c190897fd64fc9e1ccf7ec0ef659dc09

    • SHA256

      610c2e953f61adc6782b5771e9e633ac801deaa42e94fe690c9ab68bcdf3452e

    • SHA512

      5f29987bc9c0947c86fe3d6c6be95a4e63b7ba80a0648c22d8566b11018e662253acc483aeac1e3c3e1f29ded744aa0fda69d81f6663a8552bce446aa9868eff

    • SSDEEP

      6144:8cm7ImGddXmNt251UriZFwfsDX2UznsaFVNJCMKAbei:q7Tc2NYHUrAwfMp3CDi

    • Blackmoon family

    • Blackmoon, KrBanker

      Blackmoon also known as KrBanker is banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks