General

  • Target

    609063525cb146e5666be59694fb37357ebeb06ee2c28470f08055141bc9fcfb.exe

  • Size

    6.4MB

  • Sample

    240524-k9564scd53

  • MD5

    82a48a435ab67203a64599023bc357be

  • SHA1

    6ff9b664635875a91b0048de9361ae6df7600183

  • SHA256

    609063525cb146e5666be59694fb37357ebeb06ee2c28470f08055141bc9fcfb

  • SHA512

    bfa3637c8a370870bfb75f5af363c3d08fa0245a4d7a277a9aa63403b86745c237764f470fb5bd8502923fe5c3343319590f626f99f88f070001420b293b73c5

  • SSDEEP

    98304:bxoAXrbR8ZB+thQKyxL/y2n8mcGcKykCU0zDgTuT0COoJdu4A6h8Pz:bbXh8ZahQKys2pcGSkmDgTs0Fgug6

Malware Config

Targets

    • Target

      609063525cb146e5666be59694fb37357ebeb06ee2c28470f08055141bc9fcfb.exe

    • Size

      6.4MB

    • MD5

      82a48a435ab67203a64599023bc357be

    • SHA1

      6ff9b664635875a91b0048de9361ae6df7600183

    • SHA256

      609063525cb146e5666be59694fb37357ebeb06ee2c28470f08055141bc9fcfb

    • SHA512

      bfa3637c8a370870bfb75f5af363c3d08fa0245a4d7a277a9aa63403b86745c237764f470fb5bd8502923fe5c3343319590f626f99f88f070001420b293b73c5

    • SSDEEP

      98304:bxoAXrbR8ZB+thQKyxL/y2n8mcGcKykCU0zDgTuT0COoJdu4A6h8Pz:bbXh8ZahQKys2pcGSkmDgTs0Fgug6

    • Blackmoon, KrBanker

      Blackmoon also known as KrBanker is banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • VMProtect packed file

      Detects executables packed with VMProtect commercial packer.

    • Suspicious use of NtSetInformationThreadHideFromDebugger

MITRE ATT&CK Matrix

Tasks