General

  • Target

    b6035537c117d96a6129547ef2fd30192e6936a200a59c517d8e036be5ee10d3.exe

  • Size

    457KB

  • Sample

    250127-sh8f6avmgp

  • MD5

    8414a97a708b3bd109c5c981197f3c62

  • SHA1

    fe7162ffc95fdb2fc49ad36aa80bdd5efc9c8ae2

  • SHA256

    b6035537c117d96a6129547ef2fd30192e6936a200a59c517d8e036be5ee10d3

  • SHA512

    91048837fd20a9c1cf2bfc47f975f59d4052990239aed79c49d1b4e424c0613c3a7a31385981403c0ecdce498721eb0c2402e9affec7a2c5e0b3dc8ba733fd30

  • SSDEEP

    6144:8cm7ImGddXmNt251UriZFwfsDX2UznsaFVNJCMKAbeRN:q7Tc2NYHUrAwfMp3CDRN

Targets

    • Blackmoon family

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
