General

  • Target

    5248c2cd745d555b1494e67f29321c81485d636ed0bd49239352f3ef3be1d182.exe

  • Size

    453KB

  • Sample

    250108-jraf2stjaj

  • MD5

    0d5e9250202bc78a5f46ff9dd0b21ab9

  • SHA1

    9099a64de6ada3c8e5dc6949b9181cb9dba37a36

  • SHA256

    5248c2cd745d555b1494e67f29321c81485d636ed0bd49239352f3ef3be1d182

  • SHA512

    52d3724f51de52c3ac13ecb67f86bd4fd0f5562c4d7c842805727d1170cc401765e8bdc24ba109b22f105dd54326814dc8c2774b1cf7bbc25501ee41194f62fc

  • SSDEEP

    6144:8cm7ImGddXmNt251UriZFwfsDX2UznsaFVNJCMKAbeK:q7Tc2NYHUrAwfMp3CDK

Targets

    • Blackmoon family

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified version of it.
