General

  • Target

    fcde640288f351db48f40205e5a0b97e3541a0bd7034d3e41cd24048c3e2e732

  • Size

    100KB

  • Sample

    240504-f1rj5seb2v

  • MD5

    4f6a7c7213f94ca1bc7b1f8ae5f7265a

  • SHA1

    008de2cbb1653addd6f4597723cce96adcda8546

  • SHA256

    fcde640288f351db48f40205e5a0b97e3541a0bd7034d3e41cd24048c3e2e732

  • SHA512

    60d5fe62c99f750dafc660ab1926728216d17faa0c562c6e53a2c7f97e5ed83fc4d80893ec60ff4ca0a556eb16799999f9da51aff0f9a012b35d0ddf1471e5eb

  • SSDEEP

    1536:9Q8hoOAesfYvcyjfS3H9yl8Q1pmdBcxedLxNDodtzn6zDaE0R5l:ymb3NkkiQ3mdBjFodt2zE3l

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • UPX dump on OEP (original entry point)

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified version of it.
