General

  • Target

    914ceb69036206aac1210768500dd87a5913de325fad4ee7e5e9dfd24818bf77

  • Size

    76KB

  • Sample

    240518-av2j9sbc49

  • MD5

    a65a7caf77e5f45a72d3218036e7a0f3

  • SHA1

    2b2f2d68265dec43463fb9e247f4a22ccb9e1aac

  • SHA256

    914ceb69036206aac1210768500dd87a5913de325fad4ee7e5e9dfd24818bf77

  • SHA512

    b91d23fe98e6b52a6c3c20b4b351ab7c0f8f12a7ba6a743b6b73c2e9899e9c956e9f1b015b7076f580863e753f34ac7f01100d57ed326b706db864fea8c4efc2

  • SSDEEP

    1536:9Q8hoOAesfYvcyjfS3H9yl8Q1pmdBcxedLxND+3T4+C2wVEJ/:ymb3NkkiQ3mdBjF+3TU2KEJ/

Malware Config

Targets

    • Target

      914ceb69036206aac1210768500dd87a5913de325fad4ee7e5e9dfd24818bf77

    • Size

      76KB

    • MD5

      a65a7caf77e5f45a72d3218036e7a0f3

    • SHA1

      2b2f2d68265dec43463fb9e247f4a22ccb9e1aac

    • SHA256

      914ceb69036206aac1210768500dd87a5913de325fad4ee7e5e9dfd24818bf77

    • SHA512

      b91d23fe98e6b52a6c3c20b4b351ab7c0f8f12a7ba6a743b6b73c2e9899e9c956e9f1b015b7076f580863e753f34ac7f01100d57ed326b706db864fea8c4efc2

    • SSDEEP

      1536:9Q8hoOAesfYvcyjfS3H9yl8Q1pmdBcxedLxND+3T4+C2wVEJ/:ymb3NkkiQ3mdBjF+3TU2KEJ/

    • Blackmoon, KrBanker

      Blackmoon also known as KrBanker is banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • UPX dump on OEP (original entry point)

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Matrix

Tasks