General

  • Target

    fea78105e57835e59f7e440d5abac1591325917ef7ea749d673fc184d8cd692b

  • Size

    247KB

  • Sample

    240518-f5tkasdg2s

  • MD5

    af43402b33154bf8c5c84aa9653064b3

  • SHA1

    e0aa0ce4d0ea1f6cbf895e9ad7d6f0a2c2995fa3

  • SHA256

    fea78105e57835e59f7e440d5abac1591325917ef7ea749d673fc184d8cd692b

  • SHA512

    eb905744cdde244ecf4300151e7e84a1993383a5fae86cc2388283f9c587e08f79081e1c8b3bf0302ac5480b169fa855089dbfba372b1238f395eaba5106e76f

  • SSDEEP

    6144:n3C9BRo/AIX27NHWpU00VIxas1oa3YiFRV6H:n3C9uD6AUDCa4NYmRs

Targets

    • Target

      fea78105e57835e59f7e440d5abac1591325917ef7ea749d673fc184d8cd692b

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • UPX dump on OEP (original entry point)

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
