General

  • Target

    4f0173755f342239835e8eb761ee2d978029a0c4c8d9840b51e320a8aca6885fN.exe

  • Size

    453KB

  • Sample

    250108-jqw9essrhl

  • MD5

    cfbfbb9298786e6ee8e5bd122b42e4e0

  • SHA1

    073142cb249dfceef2b5d1e9072aaef5f035f8b8

  • SHA256

    4f0173755f342239835e8eb761ee2d978029a0c4c8d9840b51e320a8aca6885f

  • SHA512

    cd610d238ae113fcf301959e0134c98f440e0f21a0dbb4b73375ea618fff1acdf9d542c7c35a33b56892c40e258c3a50878e782ffa6eec21f927b4bf731aea14

  • SSDEEP

    6144:8cm7ImGddXmNt251UriZFwfsDX2UznsaFVNJCMKAbeHL:q7Tc2NYHUrAwfMp3CDHL

Targets

    • Target

      4f0173755f342239835e8eb761ee2d978029a0c4c8d9840b51e320a8aca6885fN.exe

    • Blackmoon family

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
