General

  • Target

    94acb9d5134855c3c7be428835244864393ac4626162ff4081f3d5b6f14bcfb9

  • Size

    67KB

  • Sample

    240518-a3dheabf9x

  • MD5

    62c7913b3d09f35ad285056cc8aa8687

  • SHA1

    b4bac6a1551dbac7c3d9d4b565626e7dac8584b4

  • SHA256

    94acb9d5134855c3c7be428835244864393ac4626162ff4081f3d5b6f14bcfb9

  • SHA512

    9991823f3e09d34144de8c3ea1c4a913cf07dccc6ac65e74f963b90cf7f0e32ee33cc0f11a1ef0956befc3133540b187e0901efa7f44b026632f04e28744dffd

  • SSDEEP

    1536:9Q8hoOAesfYvcyjfS3H9yl8Q1pmdBcxedLxNDIFdJUDbAI8:ymb3NkkiQ3mdBjFIFdJ8bE

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • UPX dump on OEP (original entry point)

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
