General
-
Target
1f739b104b2a9889509a30f7682f8aa59f492dd1bd51b8ff0886ee1a844dd399
-
Size
4.6MB
-
Sample
231014-dmcsqafa43
-
MD5
21b284ba8664355c757ad5ed79252d36
-
SHA1
028bd7e90f75b00c179d40d58d4ab3d9d3d62d15
-
SHA256
1f739b104b2a9889509a30f7682f8aa59f492dd1bd51b8ff0886ee1a844dd399
-
SHA512
0ffe415450c723bedecd9368ff7875b5be1d4a40004ed18c5496f088daf1f3ebe60c8be1acc3c78ca3494b63f8ef7e9a696fa867c9495b598e4c36acddc23e63
-
SSDEEP
98304:Xwd5Bqp9YfzIDLE68I1Q6lHg8Hfxsg+8GhDjewfc7f:iGoCVF+/+f
Malware Config
Targets
-
-
Target
1f739b104b2a9889509a30f7682f8aa59f492dd1bd51b8ff0886ee1a844dd399
-
Size
4.6MB
-
MD5
21b284ba8664355c757ad5ed79252d36
-
SHA1
028bd7e90f75b00c179d40d58d4ab3d9d3d62d15
-
SHA256
1f739b104b2a9889509a30f7682f8aa59f492dd1bd51b8ff0886ee1a844dd399
-
SHA512
0ffe415450c723bedecd9368ff7875b5be1d4a40004ed18c5496f088daf1f3ebe60c8be1acc3c78ca3494b63f8ef7e9a696fa867c9495b598e4c36acddc23e63
-
SSDEEP
98304:Xwd5Bqp9YfzIDLE68I1Q6lHg8Hfxsg+8GhDjewfc7f:iGoCVF+/+f
Score10/10-
Blackmoon, KrBanker
Blackmoon also known as KrBanker is banking trojan first discovered in early 2014.
-
Detect Blackmoon payload
-
Loads dropped DLL
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
VMProtect packed file
Detects executables packed with VMProtect commercial packer.
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-