General

  • Target

    34b28a2deaad9d850c250365402d9557365c12b2eea3fb2d2006abcc3060d26fN.exe

  • Size

    454KB

  • Sample

    250108-jqrzpssrhj

  • MD5

    e258aa4d0a89e3758b0a055f842fe5d0

  • SHA1

    8fb6c1d249ad24481a3e92de9a924dbfe896dabd

  • SHA256

    34b28a2deaad9d850c250365402d9557365c12b2eea3fb2d2006abcc3060d26f

  • SHA512

    1cc7e8ddde662ea9437d27b71fb0640f60fe40a720652aebd06fb29acb60c544aa32978142f963d2aff59d8af42fbec7cb02f1ab09ef6b052c2735058354ea64

  • SSDEEP

    6144:8cm7ImGddXmNt251UriZFwfsDX2UznsaFVNJCMKAbec:q7Tc2NYHUrAwfMp3CDc

Malware Config

Targets

    • Target

      34b28a2deaad9d850c250365402d9557365c12b2eea3fb2d2006abcc3060d26fN.exe

    • Size

      454KB

    • MD5

      e258aa4d0a89e3758b0a055f842fe5d0

    • SHA1

      8fb6c1d249ad24481a3e92de9a924dbfe896dabd

    • SHA256

      34b28a2deaad9d850c250365402d9557365c12b2eea3fb2d2006abcc3060d26f

    • SHA512

      1cc7e8ddde662ea9437d27b71fb0640f60fe40a720652aebd06fb29acb60c544aa32978142f963d2aff59d8af42fbec7cb02f1ab09ef6b052c2735058354ea64

    • SSDEEP

      6144:8cm7ImGddXmNt251UriZFwfsDX2UznsaFVNJCMKAbec:q7Tc2NYHUrAwfMp3CDc

    • Blackmoon family

    • Blackmoon, KrBanker

      Blackmoon also known as KrBanker is banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks