General

  • Target

    b0dcc430df0ae1035559c0186c20cd8e3f09042f1e46ff61c877248916cde582

  • Size

    67KB

  • Sample

    240518-cg6yyafb94

  • MD5

    4451d46404e64036cbc339cc755c4139

  • SHA1

    aa42841eead134473b786006d26e5890c7c4eec1

  • SHA256

    b0dcc430df0ae1035559c0186c20cd8e3f09042f1e46ff61c877248916cde582

  • SHA512

    ea3f30dfff8b2cb79de51d92c59d2034a48a6604edce3ecec8979a55fca897fed8e1867fd94a99ac27de3e9eb1446113e1acb951455a6f03ac96af248e847862

  • SSDEEP

    1536:9Q8hoOAesfYvcyjfS3H9yl8Q1pmdBcxedLxNDIb0z6MTSqfsIQQ:ymb3NkkiQ3mdBjFI4VAIQQ

Malware Config

Targets

    • Target

      b0dcc430df0ae1035559c0186c20cd8e3f09042f1e46ff61c877248916cde582

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • UPX dump on OEP (original entry point)

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with the open-source UPX packer, including modified UPX builds.
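The signatures above are the sandbox's own. As an added example that is not part of this report or of its detection engine, the following Python shows what a triage script does with a sample like this one: it computes the digest set listed under General (ssdeep is omitted because it needs an extra library) and applies the cheapest static UPX heuristic, the stock UPX0/UPX1 section names and the UPX! marker. The PE parser walks the real header layout; `build_pe`, the two constructed byte strings and the function names are assumptions for illustration, not taken from the sample.

```python
import hashlib
import struct

HASH_ALGOS = ("md5", "sha1", "sha256", "sha512")   # the digests the report lists
UPX_SECTION_NAMES = {"UPX0", "UPX1", "UPX2"}        # section names stock UPX writes
UPX_MARKER = b"UPX!"                                # marker stock UPX writes into the packed file


def file_digests(data: bytes) -> dict:
    """Compute the MD5/SHA1/SHA256/SHA512 set shown in the General section."""
    return {algo: hashlib.new(algo, data).hexdigest() for algo in HASH_ALGOS}


def pe_section_names(data: bytes) -> list:
    """Walk DOS header -> PE signature -> COFF header -> section table, returning section names."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        raise ValueError("not a PE file: missing MZ header")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\x00\x00":
        raise ValueError("not a PE file: missing PE signature")
    coff = e_lfanew + 4                                        # IMAGE_FILE_HEADER
    num_sections = struct.unpack_from("<H", data, coff + 2)[0]
    opt_header_size = struct.unpack_from("<H", data, coff + 16)[0]
    table = coff + 20 + opt_header_size                        # IMAGE_SECTION_HEADER[] (40 bytes each)
    names = []
    for i in range(num_sections):
        raw = data[table + i * 40: table + i * 40 + 8]
        if len(raw) < 8:
            raise ValueError("truncated section table")
        names.append(raw.split(b"\x00", 1)[0].decode("ascii", "replace"))
    return names


def upx_verdict(data: bytes) -> dict:
    """Static UPX heuristic: stock section names or the UPX! marker. Modified UPX may strip both."""
    names = pe_section_names(data)
    hits = [n for n in names if n in UPX_SECTION_NAMES]
    marker = UPX_MARKER in data
    return {
        "sections": names,
        "upx_sections": hits,
        "upx_marker": marker,
        "packed": bool(hits) or marker,
    }


def build_pe(section_names, trailer: bytes = b"") -> bytes:
    """Constructed, non-executable PE skeleton (assumption): just enough headers for the parser above."""
    dos = b"MZ" + b"\x00" * 58 + struct.pack("<I", 0x40)      # e_lfanew = 0x40
    # Machine, NumberOfSections, TimeDateStamp, PointerToSymbolTable,
    # NumberOfSymbols, SizeOfOptionalHeader (0 here), Characteristics
    coff = struct.pack("<HHIIIHH", 0x14C, len(section_names), 0, 0, 0, 0, 0x102)
    sections = b"".join(name.encode().ljust(8, b"\x00") + b"\x00" * 32 for name in section_names)
    return dos + b"PE\x00\x00" + coff + sections + trailer


# Constructed inputs: one that looks stock-UPX-packed, one with ordinary compiler section names.
PACKED_SAMPLE = build_pe(["UPX0", "UPX1", ".rsrc"], trailer=b"\x00" * 16 + UPX_MARKER)
PLAIN_SAMPLE = build_pe([".text", ".rdata", ".data"])

if __name__ == "__main__":
    for label, blob in (("packed", PACKED_SAMPLE), ("plain", PLAIN_SAMPLE)):
        print(label, file_digests(blob)["sha256"], upx_verdict(blob))
```

The section-name check is only the cheap first pass: a modified UPX build that renames its sections and overwrites the marker passes it, which is why the sandbox also dumps the process at the original entry point rather than relying on static signatures alone.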

MITRE ATT&CK Matrix

Tasks