General

  • Target

    db422738d1b517bcb4fc386f29c67dc4e937fb7700d18c29e0ce327669222fef

  • Size

    95KB

  • Sample

    240524-ept1fsce8x

  • MD5

    bbab3adcd6ac40959876a4e811a36444

  • SHA1

    bfd24f1ac2e345c34e223cf39a999c898d5ad758

  • SHA256

    db422738d1b517bcb4fc386f29c67dc4e937fb7700d18c29e0ce327669222fef

  • SHA512

    f44240ce6aa5cfbbf50c31a03d242cf8a1a0ff1f2b006b2870542c4c0b66580d470c90537f7a2acb9dd2fd7b8b7447d5703334a4d6e4e5ea541e80b98e2ebdfa

  • SSDEEP

    1536:9Q8hoOAesfYvcyjfS3H9yl8Q1pmdBcxedLxNDIkpi+qP1hvZo66Ox4oq2SQwfTQ0:ymb3NkkiQ3mdBjFIj+qNhvZuHQY00

Malware Config

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • UPX dump on OEP (original entry point)

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with the UPX open-source packer or a modified UPX variant.

MITRE ATT&CK Matrix

Tasks