General

  • Target

    f2d3b0c345c5b3cea662d36239659a4f088c93ecef725fa1fc08b4007c6c6780

  • Size

    63KB

  • Sample

    240518-fjrhtacg66

  • MD5

    b96c3d364951b30e3f45d223781f4f3f

  • SHA1

    b570d885629a827e3ca77e703a303d8b28adf77e

  • SHA256

    f2d3b0c345c5b3cea662d36239659a4f088c93ecef725fa1fc08b4007c6c6780

  • SHA512

    f8493410746ef3ce23013d0092d95505013b6a96ce92f4486019cc086bf781b0e26f235abe2c706542c46b943c889f7a892106e54ce171f1c601c5e52ee3fb87

  • SSDEEP

    1536:9Q8hoOAesfYvcyjfS3H9yl8Q1pmdBcxedLxNDIFdJULh12k:ymb3NkkiQ3mdBjFIFdJmJ

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • UPX dump on OEP (original entry point)

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
