General

  • Target

    f5facdca86710cffadcd4289db9198bdb4cb4fd180d9e343b7ad47af5af0a697N.exe

  • Size

    454KB

  • Sample

    250127-sjpenstqh1

  • MD5

    2ef0e5b7106ef1819744d7318d34cc30

  • SHA1

    a67677917d175ab1814b5fe1e1e9a72539f93667

  • SHA256

    f5facdca86710cffadcd4289db9198bdb4cb4fd180d9e343b7ad47af5af0a697

  • SHA512

    82841467613e46d652eb158428db2ccc019f454be74d247e82f0b3c58b0ae59649572d0bb43f166a2cc2d1f745365c4a0f9b49c7705708d98adf4ba99e57c710

  • SSDEEP

    6144:8cm7ImGddXmNt251UriZFwfsDX2UznsaFVNJCMKAbeI:q7Tc2NYHUrAwfMp3CDI

Targets

    • Blackmoon family

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
