General

  • Target

    9c2b6fb6599a9507b83ed030a0aaf2cd74e20ddc7a74d6919fb679cdf6e4f4b6.exe

  • Size

    455KB

  • Sample

    250127-sa685avjfn

  • MD5

    55ce5f88d68e34726603787dfd68c003

  • SHA1

    c8796df541f7026c89d8db20c8183ab5002ad76b

  • SHA256

    9c2b6fb6599a9507b83ed030a0aaf2cd74e20ddc7a74d6919fb679cdf6e4f4b6

  • SHA512

    0c28f10a3e57a45f9ecb056642d6e5c6838e5f700345324e7b4fcd14f72e41ff300273f2b7c6ae4a43950a6c5b15af2919225ec9fa8dfc8b0d65e60f132a6660

  • SSDEEP

    6144:8cm7ImGddXmNt251UriZFwfsDX2UznsaFVNJCMKAbeM:q7Tc2NYHUrAwfMp3CDM

Targets

    • Blackmoon family

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified version of it.
