General

  • Target

    b24418b205628f55629911f8302f25e934b791718922b2fd410133ef69b67c07

  • Size

    65KB

  • Sample

    240518-ckhqhsfd28

  • MD5

    02719698f6f3df102fac0951b8584837

  • SHA1

    f4708caa95bf6a9ad8a2b924c64da28c1d0f067d

  • SHA256

    b24418b205628f55629911f8302f25e934b791718922b2fd410133ef69b67c07

  • SHA512

    6984e2b9bcf3d7ae2f33da3002839a680a4f406d55817161b80fbb3d983ffa3211fc6ce06aa1e52a102851f1702f1fed166fcf002cbddabb98f0433d58a6f85a

  • SSDEEP

    1536:9Q8hoOAesfYvcyjfS3H9yl8Q1pmdBcxedLxNDIb0z6MTSqfO:ymb3NkkiQ3mdBjFI4V6

Malware Config

Targets

    • Target

      b24418b205628f55629911f8302f25e934b791718922b2fd410133ef69b67c07

    • Size

      65KB

    • MD5

      02719698f6f3df102fac0951b8584837

    • SHA1

      f4708caa95bf6a9ad8a2b924c64da28c1d0f067d

    • SHA256

      b24418b205628f55629911f8302f25e934b791718922b2fd410133ef69b67c07

    • SHA512

      6984e2b9bcf3d7ae2f33da3002839a680a4f406d55817161b80fbb3d983ffa3211fc6ce06aa1e52a102851f1702f1fed166fcf002cbddabb98f0433d58a6f85a

    • SSDEEP

      1536:9Q8hoOAesfYvcyjfS3H9yl8Q1pmdBcxedLxNDIb0z6MTSqfO:ymb3NkkiQ3mdBjFI4V6

    • Blackmoon, KrBanker

      Blackmoon also known as KrBanker is banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • UPX dump on OEP (original entry point)

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Matrix

Tasks