General

  • Target

    a70a6859504b9a0822a4194b0156f992bba8b56798e53956774fbc4658e00cb6.exe

  • Size

    455KB

  • Sample

    250127-scs5aatnex

  • MD5

    ca4ecb71f2768dbdeb591d51aefac160

  • SHA1

    da56e76d74979675549e2bbcc0539c6aceb20364

  • SHA256

    a70a6859504b9a0822a4194b0156f992bba8b56798e53956774fbc4658e00cb6

  • SHA512

    e5dd6e9569dbe2f90e2471b323e5d54edd4b7116c9a4c98cbca034215e65b07be119cf3fdd5759b8a04160bdf3045323d38e9caf48a6c7fc32f945a77adc1e1a

  • SSDEEP

    6144:8cm7ImGddXmNt251UriZFwfsDX2UznsaFVNJCMKAbeTV:q7Tc2NYHUrAwfMp3CDJ

Targets

    • Target

      a70a6859504b9a0822a4194b0156f992bba8b56798e53956774fbc4658e00cb6.exe

    • Blackmoon family

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
