General

  • Target

    24d33f26b845130bfe2acef96de5d7a03dc9c0e96a97dde222f32e6483948f3b

  • Size

    464KB

  • Sample

    240524-yektksgg4w

  • MD5

    02ea9ad902d1da3c5556a1436c884ca4

  • SHA1

    5e1bb5bb74868e46112ac9d55bca1532fba1bab0

  • SHA256

    24d33f26b845130bfe2acef96de5d7a03dc9c0e96a97dde222f32e6483948f3b

  • SHA512

    f257c9083a7826223fc138e22b5d749ebb2c838921f6f2c768d2b93de6742079685fc3ada34bb4f2391029e4e55c54609dddb2481244d89fd9dba815eb4309da

  • SSDEEP

    12288:J4wFHoSTeR0oQRkay+eFp3IDvSbh5nPVP+OKaf1VV:VeR0oykayRFp3lztP+OKaf1VV

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • UPX dump on OEP (original entry point)

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
