General

  • Target

    932783eba53cefe17a82ecfefd73baa05489e84336cc6622ce6b1af5a007080f

  • Size

    361KB

  • Sample

    240518-az3m5abe71

  • MD5

    350797e0a38dd6a9a690ba52546eb7eb

  • SHA1

    a72130a769c2afa40adc2713072d4a1a049b507e

  • SHA256

    932783eba53cefe17a82ecfefd73baa05489e84336cc6622ce6b1af5a007080f

  • SHA512

    c345a7ea1df464739edb96afa2278b07dc81e4f89e25e46fd0e38274f8a8543fd37d9a27ab51c5cea16246a0a848760342bdac2333488202cbe59a0bcb455517

  • SSDEEP

    6144:n3C9BRIG0asYFm71m8+GdkB9yMu7N+8px7U:n3C9uYA71kSMu08px7U

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • UPX dump on OEP (original entry point)

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.