General

  • Target

    0c7bb0c92413a39b2a7a6b78582452fa621e132445dd49adbd60fae64c2ad861.exe

  • Size

    454KB

  • Sample

    250108-jlpzjssphr

  • MD5

    695ad5b5e5f64038d8d7c21f8d1f5fc4

  • SHA1

    894fa804d69d0fca907aaf1aad59f1ca4e537360

  • SHA256

    0c7bb0c92413a39b2a7a6b78582452fa621e132445dd49adbd60fae64c2ad861

  • SHA512

    306132521177e8758c32b19bae4f79216fb95bac5e6ba8f818a6c2693b96e39b96a9bd60dea0b402eef6dd7b3fbbfa7e4afcd86b0cca9df49d113ff79f688e1c

  • SSDEEP

    6144:8cm7ImGddXmNt251UriZFwfsDX2UznsaFVNJCMKAbe5:q7Tc2NYHUrAwfMp3CD5

Targets

    • Target

      0c7bb0c92413a39b2a7a6b78582452fa621e132445dd49adbd60fae64c2ad861.exe

    • Blackmoon family

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
