General

  • Target

    0b1296a59efd90b7aa5f572ea5d925550565ed7943ae8ddbb012c2114e745402N.exe

  • Size

    457KB

  • Sample

    250127-saxppatmgz

  • MD5

    b779935bffd428c7886845e7cc907710

  • SHA1

    e7b8af91de0ff341bd921215437a7f8b13679258

  • SHA256

    0b1296a59efd90b7aa5f572ea5d925550565ed7943ae8ddbb012c2114e745402

  • SHA512

    0cb3f0fe2186748cd22b890e9a346ee81533e699415f3d8a6b18985b2bb0ce4028710e76f1209cb3ae8e077476cfbb86241341f5ccabb578f82d662366c9ec78

  • SSDEEP

    6144:8cm7ImGddXmNt251UriZFwfsDX2UznsaFVNJCMKAbemJ:q7Tc2NYHUrAwfMp3CDmJ

Targets

    • Blackmoon family

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
