General

  • Target

    89968a8f89dedc350a05664378abbd4efae6698cfd4a2ed2f8c4981e6c897639

  • Size

    93KB

  • Sample

    240518-agsefaad64

  • MD5

    96b7688de37096407e1285d7c3944fbe

  • SHA1

    9c5d47b117cea772e1456edb274da52198d9ccae

  • SHA256

    89968a8f89dedc350a05664378abbd4efae6698cfd4a2ed2f8c4981e6c897639

  • SHA512

    c98d698e8959c0dd868a7f2aa7c841cc85abb9cb66bd545d405f9bd9a19d60ceaba99da4277c9c1c3d8d2fa05b5a37b6e1d49445dc8570236c2a0643062f31de

  • SSDEEP

    1536:9Q8hoOAesfYvcyjfS3H9yl8Q1pmdBcxedLxNDoLuePjDYlR3hnjKXIQSe9oEi:ymb3NkkiQ3mdBjFoLucjDilOZhoV

Malware Config

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • UPX dump on OEP (original entry point)

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with the UPX or a modified UPX open-source packer.

MITRE ATT&CK Matrix

Tasks