General

  • Target

    59b3666629698d1df871013d021c62e322d895892e407926d98b136766484bec.exe

  • Size

    454KB

  • Sample

    250108-hxcypa1phr

  • MD5

    9b31b0d298db54113d3e2ec37ec9d09b

  • SHA1

    60448b6ca78fa6552336ed509e66d3af0388fcf8

  • SHA256

    59b3666629698d1df871013d021c62e322d895892e407926d98b136766484bec

  • SHA512

    80dca5b5270af7c14127d63f3759cebb0c5052c526a04313d780e1a7e5899527d5424ee56ae0ecc67ad0cb2acfc20c1b315190416d735b39ca75b8cde73359d1

  • SSDEEP

    6144:8cm7ImGddXmNt251UriZFwfsDX2UznsaFVNJCMKAbeA:q7Tc2NYHUrAwfMp3CDA

Targets

    • Blackmoon family

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX or a modified version of the open-source UPX packer.
