General

  • Target

    46645c7fcf04f924a2915d553dce5886914c07b32aa9009ed40e47fa6088854e

  • Size

    334KB

  • Sample

    240605-1xj14sbc66

  • MD5

    ae10fc297f9ececbad6bf9fcbdc3d76f

  • SHA1

    52aa0472b51a155e7042e008db39a805f5b8c235

  • SHA256

    46645c7fcf04f924a2915d553dce5886914c07b32aa9009ed40e47fa6088854e

  • SHA512

    00f5bef554e4b9ebb4eaedec007666538950357e421fa941df0d85a4f043716fa645cd2585ecb15d007c19846455c8bb7ba4539eeda8c219bb86650ff0045daa

  • SSDEEP

    6144:rcm4FmowdHoSphraHcpOaKHpXfRo0V8JcgE+ezpg1i/M:x4wFHoS3eFaKHpv/VycgE8oM

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • UPX dump on OEP (original entry point)

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
