General

  • Target

    3e907623168bbed454863296a4f54a5c053d82a8c500fb065b50bc85ce262b3a

  • Size

    62KB

  • Sample

    240605-1dd1rahh41

  • MD5

    2aa078bed613be7e2a525f5b62424f8f

  • SHA1

    fd5d7bf533259c7a09bfd74641f76dd6cc987388

  • SHA256

    3e907623168bbed454863296a4f54a5c053d82a8c500fb065b50bc85ce262b3a

  • SHA512

    8d2dbec6f2df9fe4e6f59ed01638d6634f27690051121c17499f22ceb4605a0f4fa968313e35610227eb36f104ba780c13a3fed34409e20944785b5c6054893d

  • SSDEEP

    1536:9Q8hoOAesfYvcyjfS3H9yl8Q1pmdBcxedLxNDIug6b9P:ymb3NkkiQ3mdBjFIugI

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • UPX dump on OEP (original entry point)

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
