General
-
Target
c9a4d4db342506f501c07b289919ea3258230234c32220e2b0741585bf5328f9
-
Size
15.6MB
-
Sample
240524-ls7t2sch71
-
MD5
e7df5e6d0c009d2d6d29793d28cd9d02
-
SHA1
9e3c97eb84aaf5817aeed919a0a56661ab372aba
-
SHA256
c9a4d4db342506f501c07b289919ea3258230234c32220e2b0741585bf5328f9
-
SHA512
89cc1170c84c7f022eafbc8fb011f10de6871fa868afad8ab9c7db6be3eb537a758cbdbb2cc5fc97f3d5b514adc12df0060adc9a7b4e561d98a9a57cf2c067a6
-
SSDEEP
393216:TYTqFe7KiLEQVWeC0KBbOAe3cb4vrpe2Em4vaXg:MT5+bPtpOAeM8kxSX
Malware Config
Targets
-
-
Target
c9a4d4db342506f501c07b289919ea3258230234c32220e2b0741585bf5328f9
-
Size
15.6MB
-
MD5
e7df5e6d0c009d2d6d29793d28cd9d02
-
SHA1
9e3c97eb84aaf5817aeed919a0a56661ab372aba
-
SHA256
c9a4d4db342506f501c07b289919ea3258230234c32220e2b0741585bf5328f9
-
SHA512
89cc1170c84c7f022eafbc8fb011f10de6871fa868afad8ab9c7db6be3eb537a758cbdbb2cc5fc97f3d5b514adc12df0060adc9a7b4e561d98a9a57cf2c067a6
-
SSDEEP
393216:TYTqFe7KiLEQVWeC0KBbOAe3cb4vrpe2Em4vaXg:MT5+bPtpOAeM8kxSX
Score10/10-
Blackmoon, KrBanker
Blackmoon also known as KrBanker is banking trojan first discovered in early 2014.
-
Detect Blackmoon payload
-
Executes dropped EXE
-
Loads dropped DLL
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-