General

  • Target

    12664a7760b07e5a71a2cdc5b281c79d8db8534493c5307708d8a43d75a35223N.exe

  • Size

    454KB

  • Sample

    250127-sljbfavnfr

  • MD5

    df1044081316eb7de40ca0b97296acc0

  • SHA1

    5104f21e25a46be2d7397b41ff0c8d9fb35dcc63

  • SHA256

    12664a7760b07e5a71a2cdc5b281c79d8db8534493c5307708d8a43d75a35223

  • SHA512

    95cbd07354933c6c2b9b83395e97236c80c0e59372bc52c099d7693e9ed20e5d80358eb8ce214a79673146eaa985bdbc153ac116740fde5aa6102ab96461f736

  • SSDEEP

    6144:8cm7ImGddXmNt251UriZFwfsDX2UznsaFVNJCMKAbeA3:q7Tc2NYHUrAwfMp3CDA3

Malware Config

Targets

    • Target

      12664a7760b07e5a71a2cdc5b281c79d8db8534493c5307708d8a43d75a35223N.exe

    • Size

      454KB

    • MD5

      df1044081316eb7de40ca0b97296acc0

    • SHA1

      5104f21e25a46be2d7397b41ff0c8d9fb35dcc63

    • SHA256

      12664a7760b07e5a71a2cdc5b281c79d8db8534493c5307708d8a43d75a35223

    • SHA512

      95cbd07354933c6c2b9b83395e97236c80c0e59372bc52c099d7693e9ed20e5d80358eb8ce214a79673146eaa985bdbc153ac116740fde5aa6102ab96461f736

    • SSDEEP

      6144:8cm7ImGddXmNt251UriZFwfsDX2UznsaFVNJCMKAbeA3:q7Tc2NYHUrAwfMp3CDA3

    • Blackmoon family

    • Blackmoon, KrBanker

      Blackmoon also known as KrBanker is banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks