General

  • Target

    4788db99955c046f7c91beb1dd09e5c378f1d4681219a5e16121880a186c1f05

  • Size

    55KB

  • Sample

    240305-yqy6cagh62

  • MD5

    bee693a3e88bdbaead4311e06455974e

  • SHA1

    461131c90f5ce809358aa02dca8d2a9d88b03ef0

  • SHA256

    4788db99955c046f7c91beb1dd09e5c378f1d4681219a5e16121880a186c1f05

  • SHA512

    3fa10ade5d45dcbf0639de5666efe9291d948480990f14b02720e62acdddb2fd643c1df4b801e5bacb229f56308ac51ceaccf3661b4d39cc8e016f522e6b749d

  • SSDEEP

    1536:9Q8hoOAesfYvcyjfS3H9yl8Q1pmdBcxedLxNDIv6u:ymb3NkkiQ3mdBjFIv/

Malware Config

Targets

    • Target

      4788db99955c046f7c91beb1dd09e5c378f1d4681219a5e16121880a186c1f05

    • Size

      55KB

    • MD5

      bee693a3e88bdbaead4311e06455974e

    • SHA1

      461131c90f5ce809358aa02dca8d2a9d88b03ef0

    • SHA256

      4788db99955c046f7c91beb1dd09e5c378f1d4681219a5e16121880a186c1f05

    • SHA512

      3fa10ade5d45dcbf0639de5666efe9291d948480990f14b02720e62acdddb2fd643c1df4b801e5bacb229f56308ac51ceaccf3661b4d39cc8e016f522e6b749d

    • SSDEEP

      1536:9Q8hoOAesfYvcyjfS3H9yl8Q1pmdBcxedLxNDIv6u:ymb3NkkiQ3mdBjFIv/

    • Blackmoon, KrBanker

      Blackmoon also known as KrBanker is banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • UPX dump on OEP (original entry point)

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Matrix

Tasks