General

  • Target

    b56c2febd4a4cd9339a605c9485561409ad094199a5844fdcc0004e521f951a9

  • Size

    393KB

  • Sample

    240518-cqqnbaff5y

  • MD5

    59c0143ca752315a68a9bb5a817b8a93

  • SHA1

    75ffc7d63aad8f4952e153e236d410d17ff2e00c

  • SHA256

    b56c2febd4a4cd9339a605c9485561409ad094199a5844fdcc0004e521f951a9

  • SHA512

    96fd2de866479706331b378193c6361d1242bd7c8399d1f0696b4c60cd86b315f1b4192558d70b64777644b044cbeb261d7cb50bea380309e43b6360a55133af

  • SSDEEP

    6144:Acm7ImGddX5WrXF5lpKGYV0aTk/BO0XJm4UEPOshN/xdKnvP48bmR6:m7TcJWjdpKGATTk/jYIOWN/KnnPJ

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • UPX dump on OEP (original entry point)

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
