General

  • Target

    473c71cd74150357e243282e5fc2d8b5fa950b915fccd8da8bf012457aa7e827N.exe

  • Size

    455KB

  • Sample

    250108-jh2tyazqa1

  • MD5

    c2d60652899237eab1f854a06e871b80

  • SHA1

    64561bbc313ee32a4e00f8ad0ab596e1721087af

  • SHA256

    473c71cd74150357e243282e5fc2d8b5fa950b915fccd8da8bf012457aa7e827

  • SHA512

    f665a96d194c72ae1041fef979274978d28b3bec8a31e49d4b164ee8dd97d1fd3bd89166c0f7933ce84e0d19efb5b5724c71a108ed87895cdb328ba695def7a3

  • SSDEEP

    6144:8cm7ImGddXmNt251UriZFwfsDX2UznsaFVNJCMKAbeT2:q7Tc2NYHUrAwfMp3CDS

Targets

    • Blackmoon family

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX or a modified version of the open-source UPX packer.
