General

  • Target

    b32b331b3291ac077202195e7f7321d087fc0e57e20016e16886180797db97b6

  • Size

    70KB

  • Sample

    240518-cl577sfd77

  • MD5

    0ad219074d79cada498f3f235c6bdfd6

  • SHA1

    63a66c49fc262fa2381e97a4a314a7811a1c68fd

  • SHA256

    b32b331b3291ac077202195e7f7321d087fc0e57e20016e16886180797db97b6

  • SHA512

    eb67c4a2f24ba061a1c5c23ffc44780a98c52c0d036fada4827a995e2a1c6843965801d67da6ff62bcedd9c9f81b68838767e0e2573e9d4ebb7290f48c43b5d0

  • SSDEEP

    1536:9Q8hoOAesfYvcyjfS3H9yl8Q1pmdBcxedLxNDIgUVyiAnfd:ymb3NkkiQ3mdBjFIgUEBd

Malware Config

Targets

    • Target

      b32b331b3291ac077202195e7f7321d087fc0e57e20016e16886180797db97b6

    • Size

      70KB

    • MD5

      0ad219074d79cada498f3f235c6bdfd6

    • SHA1

      63a66c49fc262fa2381e97a4a314a7811a1c68fd

    • SHA256

      b32b331b3291ac077202195e7f7321d087fc0e57e20016e16886180797db97b6

    • SHA512

      eb67c4a2f24ba061a1c5c23ffc44780a98c52c0d036fada4827a995e2a1c6843965801d67da6ff62bcedd9c9f81b68838767e0e2573e9d4ebb7290f48c43b5d0

    • SSDEEP

      1536:9Q8hoOAesfYvcyjfS3H9yl8Q1pmdBcxedLxNDIgUVyiAnfd:ymb3NkkiQ3mdBjFIgUEBd

    • Blackmoon, KrBanker

      Blackmoon also known as KrBanker is banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • UPX dump on OEP (original entry point)

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Matrix

Tasks