General

  • Target

    2c42d75f2ce756bf92c271b142b549345f43bf1ef0db6b9074c757c9af95bde8N.exe

  • Size

    454KB

  • Sample

    250108-jfqnwssmgn

  • MD5

    8a58cba655cf9e0683739ac81b6843e0

  • SHA1

    d81c968d94c6393250470cc5bb90655fe1050cee

  • SHA256

    2c42d75f2ce756bf92c271b142b549345f43bf1ef0db6b9074c757c9af95bde8

  • SHA512

    e2f250c8a88c608244aa7b5bb7249496ab702cd925945a841cce15ad3489acc157ca67c4bdda1a46065b83437c8822064976313f4502232fba410f2be6c92f86

  • SSDEEP

    6144:8cm7ImGddXmNt251UriZFwfsDX2UznsaFVNJCMKAbeJ:q7Tc2NYHUrAwfMp3CDJ

Malware Config

Targets

    • Target

      2c42d75f2ce756bf92c271b142b549345f43bf1ef0db6b9074c757c9af95bde8N.exe

    • Size

      454KB

    • MD5

      8a58cba655cf9e0683739ac81b6843e0

    • SHA1

      d81c968d94c6393250470cc5bb90655fe1050cee

    • SHA256

      2c42d75f2ce756bf92c271b142b549345f43bf1ef0db6b9074c757c9af95bde8

    • SHA512

      e2f250c8a88c608244aa7b5bb7249496ab702cd925945a841cce15ad3489acc157ca67c4bdda1a46065b83437c8822064976313f4502232fba410f2be6c92f86

    • SSDEEP

      6144:8cm7ImGddXmNt251UriZFwfsDX2UznsaFVNJCMKAbeJ:q7Tc2NYHUrAwfMp3CDJ

    • Blackmoon family

    • Blackmoon, KrBanker

      Blackmoon also known as KrBanker is banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks