General

  • Target

    1815b7f9a5f5e5c066d323648b9fda6e112040d2ea4c883a2f3d3c57df785991N.exe

  • Size

    335KB

  • Sample

    250108-jdn3aaznez

  • MD5

    2e7868b0c6b122e9524dcc935540edf0

  • SHA1

    b7b85b72c6edcaf68936febd06bd438d18c520cf

  • SHA256

    1815b7f9a5f5e5c066d323648b9fda6e112040d2ea4c883a2f3d3c57df785991

  • SHA512

    3f5c04e114228fa9cb8aa1f8629fea4c75c3b7b6a4dd7a30ccebb304e810a91cc0c41a16f84de6e265d5d9344bf12aaf5aeaec29c6910c23bfbe3a280b74d56c

  • SSDEEP

    6144:Lcm4FmowdHoSHt251UriZFwfsDX2UznsaFVNJCMKAbeR:R4wFHoSHYHUrAwfMp3CDR

Targets

    • Target

      1815b7f9a5f5e5c066d323648b9fda6e112040d2ea4c883a2f3d3c57df785991N.exe

    • Blackmoon family

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified version of it.
