General

  • Target

    8c34e97d1b6d728d4f10cadf09e57c194bdc6161d282538bc8fac975adc4f098

  • Size

    246KB

  • Sample

    240518-amc7psaf99

  • MD5

    7490b15f87cba99cad786eed65d16175

  • SHA1

    6f39bafceaa093f4d47cab73fb3158f616c17302

  • SHA256

    8c34e97d1b6d728d4f10cadf09e57c194bdc6161d282538bc8fac975adc4f098

  • SHA512

    2a4a57fbecaa3e75df001946ac401c7299a81e2c676fd12584829a93b05c2ef0160aa4347ce056a7452e6efa0c42d787fc6ce04e2219b42e579d76391f1caa01

  • SSDEEP

    3072:ymb3NkkiQ3mdBjFo73PYP1lri3KoSV31x4MAWvGjR1M:n3C9BRo7MlrWKo+lxtvGt1M

Malware Config

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • UPX dump on OEP (original entry point)

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
