General
-
Target
90c3bf20ec8fb1bba1e59b3f2fff90d5f80fbffaaf611eabe31196b5445105e7
-
Size
12.0MB
-
Sample
240521-sthd4sad7w
-
MD5
dfd602e0e91c26540727c7a481ecaf9c
-
SHA1
40c2559af3a2637d4b6ddf5d3c8ecae4eb983ef7
-
SHA256
90c3bf20ec8fb1bba1e59b3f2fff90d5f80fbffaaf611eabe31196b5445105e7
-
SHA512
c9762bc5a7f9873374fc57b01b20dc4d26292199fa084986ef1aadefd0019f9bf600169cfa1e47f9750cd0ce4d2dda3cfee22fec3fb67254efdbdf94c3fb2a35
-
SSDEEP
196608:10/mSNwPXEqFGgVyT2kU/k0fsvY0dHzQrWvE/AsbBmKKVRpVhaNNqvm:iOowPhGP2G0EA0dTRE/AscKCpaqvm
Malware Config
Targets
-
-
Target
90c3bf20ec8fb1bba1e59b3f2fff90d5f80fbffaaf611eabe31196b5445105e7
-
Size
12.0MB
-
MD5
dfd602e0e91c26540727c7a481ecaf9c
-
SHA1
40c2559af3a2637d4b6ddf5d3c8ecae4eb983ef7
-
SHA256
90c3bf20ec8fb1bba1e59b3f2fff90d5f80fbffaaf611eabe31196b5445105e7
-
SHA512
c9762bc5a7f9873374fc57b01b20dc4d26292199fa084986ef1aadefd0019f9bf600169cfa1e47f9750cd0ce4d2dda3cfee22fec3fb67254efdbdf94c3fb2a35
-
SSDEEP
196608:10/mSNwPXEqFGgVyT2kU/k0fsvY0dHzQrWvE/AsbBmKKVRpVhaNNqvm:iOowPhGP2G0EA0dTRE/AscKCpaqvm
Score10/10-
Blackmoon, KrBanker
Blackmoon also known as KrBanker is banking trojan first discovered in early 2014.
-
Detect Blackmoon payload
-
Executes dropped EXE
-
Loads dropped DLL
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-