General

  • Target

    35bea41616c68ac0175481bf1a1369e12bc951d5b42f969ebb0f6f634e26a988N.exe

  • Size

    454KB

  • Sample

    250108-hw5mba1phm

  • MD5

    eb0105d7421e75a96737b88fb7833a80

  • SHA1

    4919a9b421314439c5b9e1c863c9aa807d75d99f

  • SHA256

    35bea41616c68ac0175481bf1a1369e12bc951d5b42f969ebb0f6f634e26a988

  • SHA512

    9ec803c42339fc1a959652422eccb07cd8123c53204f697ed71db96fe73dce02b86a15a5f5ff30c63433830d23c90a7d96e76e9c94d81e3c77a45bdda8e8ffa4

  • SSDEEP

    6144:8cm7ImGddXmNt251UriZFwfsDX2UznsaFVNJCMKAbeu:q7Tc2NYHUrAwfMp3CDu

Targets

    • Blackmoon family

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
