General

  • Target

    ba1047ce7959fcf20eaf12b9cafcc2a4c1d5bd8f1bc0e6b98a5288d2186e6cfb.exe

  • Size

    454KB

  • Sample

    250111-hl6fvsslal

  • MD5

    537259eef678b74f5196e3621a6e4e3e

  • SHA1

    6715cffb0d83c948e90d9d85028869e9c8a908a1

  • SHA256

    ba1047ce7959fcf20eaf12b9cafcc2a4c1d5bd8f1bc0e6b98a5288d2186e6cfb

  • SHA512

    c98dbc71dfa75be4acb7233cdcf0c7555e9fac66d6ce0852493bbcc6d8f8748630f441b9f7b9b83c48f72a270bdc9d58aa07070e387603e98b53693e18645068

  • SSDEEP

    6144:8cm7ImGddXmNt251UriZFwfsDX2UznsaFVNJCMKAbef:q7Tc2NYHUrAwfMp3CDf

Malware Config

Targets

    • Target

      ba1047ce7959fcf20eaf12b9cafcc2a4c1d5bd8f1bc0e6b98a5288d2186e6cfb.exe

    • Size

      454KB

    • MD5

      537259eef678b74f5196e3621a6e4e3e

    • SHA1

      6715cffb0d83c948e90d9d85028869e9c8a908a1

    • SHA256

      ba1047ce7959fcf20eaf12b9cafcc2a4c1d5bd8f1bc0e6b98a5288d2186e6cfb

    • SHA512

      c98dbc71dfa75be4acb7233cdcf0c7555e9fac66d6ce0852493bbcc6d8f8748630f441b9f7b9b83c48f72a270bdc9d58aa07070e387603e98b53693e18645068

    • SSDEEP

      6144:8cm7ImGddXmNt251UriZFwfsDX2UznsaFVNJCMKAbef:q7Tc2NYHUrAwfMp3CDf

    • Blackmoon family

    • Blackmoon, KrBanker

      Blackmoon also known as KrBanker is banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks