General

  • Target

    194099eab0d53049574faf851c2559025148572a5c4501f1cd7f430393e2b7df.exe

  • Size

    455KB

  • Sample

    250108-hvrztsyqb1

  • MD5

    70af463ee2eae9e85e8ade55ac1a0ffb

  • SHA1

    c7439c8ae931f6dad01ff9bdd68bcb2d000d3ef0

  • SHA256

    194099eab0d53049574faf851c2559025148572a5c4501f1cd7f430393e2b7df

  • SHA512

    8b41148f08c0c266b2d119758027d7ecaee6999f416f4e058d02ec966d1611f23f47a5b77ac0f4751839904fdb0fb51c5066a3c1c6b7885061583c712961692f

  • SSDEEP

    6144:8cm7ImGddXmNt251UriZFwfsDX2UznsaFVNJCMKAbeR:q7Tc2NYHUrAwfMp3CDR

Targets

    • Blackmoon family

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified version of it.
