General

  • Target

    aeb42f1babbe7cd1d24ec02cd7ad9098ad4d356790182e5ddf4314b1f566cf7d

  • Size

    313KB

  • Sample

    240518-cc4b9aeh76

  • MD5

    aca366e4047c72f485aa398b50d1f7ca

  • SHA1

    ec3c7dfb442e8b3ba3d25ca66192f9312262b90d

  • SHA256

    aeb42f1babbe7cd1d24ec02cd7ad9098ad4d356790182e5ddf4314b1f566cf7d

  • SHA512

    294d4a07a267f67b023ab8c62cb2943b30f29fc4bb463f1a048f18264523b4d6a2aca5b55fd94b0b8bfda746aadc958dc8a4e640b864e3f659cfb03a26152f63

  • SSDEEP

    6144:/cm4FmowdHoSyZuo3F2Y9iE9MAkOCOu0EajNVBZr6y2Wfe:N4wFHoSMu49P9mie

Malware Config

Targets

    • Target

      aeb42f1babbe7cd1d24ec02cd7ad9098ad4d356790182e5ddf4314b1f566cf7d

    • Size

      313KB

    • MD5

      aca366e4047c72f485aa398b50d1f7ca

    • SHA1

      ec3c7dfb442e8b3ba3d25ca66192f9312262b90d

    • SHA256

      aeb42f1babbe7cd1d24ec02cd7ad9098ad4d356790182e5ddf4314b1f566cf7d

    • SHA512

      294d4a07a267f67b023ab8c62cb2943b30f29fc4bb463f1a048f18264523b4d6a2aca5b55fd94b0b8bfda746aadc958dc8a4e640b864e3f659cfb03a26152f63

    • SSDEEP

      6144:/cm4FmowdHoSyZuo3F2Y9iE9MAkOCOu0EajNVBZr6y2Wfe:N4wFHoSMu49P9mie

    • Blackmoon, KrBanker

      Blackmoon also known as KrBanker is banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • UPX dump on OEP (original entry point)

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Matrix

Tasks