General

  • Target

    6d06474d2f164f14ce276d780052024a3c3273703338ab82c075d040a7089905N.exe

  • Size

    455KB

  • Sample

    250111-hlde3sskfp

  • MD5

    35807a47b499a8de05d3dd26a04e0020

  • SHA1

    c2baaaad0e16bf8fbb5754bc07d38f3d7c2c9735

  • SHA256

    6d06474d2f164f14ce276d780052024a3c3273703338ab82c075d040a7089905

  • SHA512

    16c3d53a8ff3ab07f57c0479e27795cb3bdf2932b04b91dd6d6b9692bd6ea28af6d06a9ceb4fdb44e4fbba862c244e800dff2cd8904257e822f1dfbbdff809ee

  • SSDEEP

    6144:8cm7ImGddXmNt251UriZFwfsDX2UznsaFVNJCMKAbeP8:q7Tc2NYHUrAwfMp3CDP8

Malware Config

Targets

    • Target

      6d06474d2f164f14ce276d780052024a3c3273703338ab82c075d040a7089905N.exe

    • Blackmoon family

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks