General

  • Target

    e11df723fa3a24065667198d4143d237a00f8bf02f71407e339bc830c2ee8e55

  • Size

    3.7MB

  • Sample

    240414-cw82vadd54

  • MD5

    6f6a313908e82c8775558cdfd4100c37

  • SHA1

    34429d6cd044e2aeae41c66014a050489e226e78

  • SHA256

    e11df723fa3a24065667198d4143d237a00f8bf02f71407e339bc830c2ee8e55

  • SHA512

    ed1d6481ae17d252167410d43756e4c57bc71e3dca2378d75e7a83c25370a91eae63ab787772011575680e4e879bffb996a2cf334cf9fff372826bbfbf7c2055

  • SSDEEP

    49152:gCOfN6X5tLLQTg20ITS/PPs/1kS4eKRL/SRsj0Zuur1T75YqVUrmNF98t:U6XLq/qPPslzKx/dJg1ErmNW

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • njRAT/Bladabindi

      Widely used RAT written in .NET.

    • UPX dump on OEP (original entry point)

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with the open source UPX packer or a modified UPX.
