General

  • Target

    9325458392ca6c8ece1777f06dc0abaf3132967c9163ad7a1dec818d887289ed

  • Size

    78KB

  • Sample

    240518-azsg6abe39

  • MD5

    353644fe8c66d4ae94d7baeb789dc290

  • SHA1

    0db328e41e7670ba1105404ee2d0d41e09cec451

  • SHA256

    9325458392ca6c8ece1777f06dc0abaf3132967c9163ad7a1dec818d887289ed

  • SHA512

    027143b95fb34889f3332384abc78007c4706f88c2fc35d5b9b730a1fabc4162dc5f3f5d42807dbfea17e3d7c0b7df514b68fdc133be91953a862f535caf728f

  • SSDEEP

    1536:9Q8hoOAesfYvcyjfS3H9yl8Q1pmdBcxedLxNDoAX8YieVIJclPvPJtcdcw:ymb3NkkiQ3mdBjFo68YBVIJc9Jtxw

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • UPX dump on OEP (original entry point)

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with the UPX open-source packer or a modified version of it.
