General

  • Target

    7eb39d91e0690aeaedc25509cadf3f6269df12ff88f852d031e2e6a3a496be2eN.exe

  • Size

    454KB

  • Sample

    250108-jh8mgszqbw

  • MD5

    05e8eb9485a7d8e5f248b84564d228f0

  • SHA1

    9a664c81ba6a032b34a9eefccd98031843d2398b

  • SHA256

    7eb39d91e0690aeaedc25509cadf3f6269df12ff88f852d031e2e6a3a496be2e

  • SHA512

    2575cf2d0aa69628ac1ec6be4e7bc7f70d1dcb1ab8f8b5a209b5058c36182bf4aebf23398f87138feb84052552208ec5a201fec893ea084a851b4c7059c38e5b

  • SSDEEP

    6144:8cm7ImGddXmNt251UriZFwfsDX2UznsaFVNJCMKAbeO:q7Tc2NYHUrAwfMp3CDO

Malware Config

Targets

    • Blackmoon family

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks