General

  • Target

    6f49aca80209fadbf30d879214bcdf12bd06867e04a9f01babc692e835d4bde4.exe

  • Size

    454KB

  • Sample

    250127-sjxq2stray

  • MD5

    ea06855afb95f0638c8cde8c21581a04

  • SHA1

    ded48b472f3c74f3ec1dd87c5638116a2b3a2f64

  • SHA256

    6f49aca80209fadbf30d879214bcdf12bd06867e04a9f01babc692e835d4bde4

  • SHA512

    d1354b3328a7d22cf7f3091f0b5309efcfaed4abf4462ca5e030a4dcd2b2c5cd7c1f13de6a62bc52fb0fa999e42247dbe7d6551b8db51add290de5b79212be91

  • SSDEEP

    6144:8cm7ImGddXmNt251UriZFwfsDX2UznsaFVNJCMKAbey:q7Tc2NYHUrAwfMp3CDy

Malware Config

Targets

    • Blackmoon family

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with the UPX open-source packer or a modified version of it.

MITRE ATT&CK Enterprise v15

Tasks