General

  • Target

    58b5a8d0b50dd4934a026a872d37dd45e830938d7cbbb14e28c406be6df9ab8a.exe

  • Size

    455KB

  • Sample

    250108-hwrepa1pgm

  • MD5

    598f5f8f4618041e13041c600c3e2b54

  • SHA1

    a2de7ba87448187758445682742e9898c3e62983

  • SHA256

    58b5a8d0b50dd4934a026a872d37dd45e830938d7cbbb14e28c406be6df9ab8a

  • SHA512

    e4289cb31855b4eef1c45e6e8f9379353febc5812fdd8ad8c8535759c63c6913548912186ceaa87ff639e7bfe28c179ac7a33dd64d3dde81982566ccac71ade3

  • SSDEEP

    6144:8cm7ImGddXmNt251UriZFwfsDX2UznsaFVNJCMKAbeTq:q7Tc2NYHUrAwfMp3CD2

Malware Config

Targets

    • Target

      58b5a8d0b50dd4934a026a872d37dd45e830938d7cbbb14e28c406be6df9ab8a.exe

    • Size

      455KB

    • MD5

      598f5f8f4618041e13041c600c3e2b54

    • SHA1

      a2de7ba87448187758445682742e9898c3e62983

    • SHA256

      58b5a8d0b50dd4934a026a872d37dd45e830938d7cbbb14e28c406be6df9ab8a

    • SHA512

      e4289cb31855b4eef1c45e6e8f9379353febc5812fdd8ad8c8535759c63c6913548912186ceaa87ff639e7bfe28c179ac7a33dd64d3dde81982566ccac71ade3

    • SSDEEP

      6144:8cm7ImGddXmNt251UriZFwfsDX2UznsaFVNJCMKAbeTq:q7Tc2NYHUrAwfMp3CD2

    • Blackmoon family

    • Blackmoon, KrBanker

      Blackmoon also known as KrBanker is banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks