General

  • Target

    4141f1053980235883e02609b8352588613710c492ef3bd9665247e3f2b08cc2.exe

  • Size

    457KB

  • Sample

    250127-sjycksvnap

  • MD5

    045327cac0578516bb2b9c54a5e15414

  • SHA1

    a26ae86590b1ccc30ba14c382f22700171fcfd62

  • SHA256

    4141f1053980235883e02609b8352588613710c492ef3bd9665247e3f2b08cc2

  • SHA512

    a31525ccafd27b41be1137d0a1216ca02b48c35416e45cf7a83047c219f7a8a36ffcb42788012177914cfd92987e56f213876ba70bda73ab5160b1eaf7bd78bd

  • SSDEEP

    6144:8cm7ImGddXmNt251UriZFwfsDX2UznsaFVNJCMKAbeRC1:q7Tc2NYHUrAwfMp3CDRC1

Malware Config

Targets

    • Target

      4141f1053980235883e02609b8352588613710c492ef3bd9665247e3f2b08cc2.exe

    • Size

      457KB

    • MD5

      045327cac0578516bb2b9c54a5e15414

    • SHA1

      a26ae86590b1ccc30ba14c382f22700171fcfd62

    • SHA256

      4141f1053980235883e02609b8352588613710c492ef3bd9665247e3f2b08cc2

    • SHA512

      a31525ccafd27b41be1137d0a1216ca02b48c35416e45cf7a83047c219f7a8a36ffcb42788012177914cfd92987e56f213876ba70bda73ab5160b1eaf7bd78bd

    • SSDEEP

      6144:8cm7ImGddXmNt251UriZFwfsDX2UznsaFVNJCMKAbeRC1:q7Tc2NYHUrAwfMp3CDRC1

    • Blackmoon family

    • Blackmoon, KrBanker

      Blackmoon also known as KrBanker is banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks