General

  • Target

    acc0f1bffce5fdbf2755edc95597ff31aa691eba6d2ca29cee05a29ba8aba587

  • Size

    224KB

  • Sample

    240518-b9dmesef9w

  • MD5

    489652df78808caa1227959d25c6486a

  • SHA1

    70749c5466634619cf88b0e105ec86ef395af043

  • SHA256

    acc0f1bffce5fdbf2755edc95597ff31aa691eba6d2ca29cee05a29ba8aba587

  • SHA512

    b1cb1a9bdfd6d5d79ece598cc921cea5b7043064f13cd06e17122009751cb46d6e72000b8fddcf8a5247384294984adfea920eadafaad14b603d6326a680ca8a

  • SSDEEP

    3072:ymb3NkkiQ3mdBjFo73PYP1lri3KoSV31x4xL7t:n3C9BRo7MlrWKo+lxKR

Malware Config

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • UPX dump on OEP (original entry point)

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Matrix

Tasks