General

  • Target

    4b63ed76419bbd4a80cf2281c7344b227aabc39862bcab8f164cd13744299ae9

  • Size

    377KB

  • Sample

    240605-2epdjsag71

  • MD5

    5c031a79482ab9ec0455f447e161688f

  • SHA1

    202531e2b29503f14b86e3b4cedb91be12ff286b

  • SHA256

    4b63ed76419bbd4a80cf2281c7344b227aabc39862bcab8f164cd13744299ae9

  • SHA512

    0e4d19773c2c2beca4f9d2fa01d529f801e05f1e75f35c37aadcae3fb3cace063956d6f4a65245dd2ae455e5adcf8e39df1221520239d251266aba028d5286df

  • SSDEEP

    6144:9cm4FmowdHoSABIs9OKofHfHTXQLzgvnzHPowYbvrjD/L7QPbg/Dr0T3rnXLHf7+:/4wFHoSA4KofHfHTXQLzgvnzHPowYbvP

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • UPX dump on OEP (original entry point)

    • Executes dropped EXE

    • Molebox Virtualization software

      Detects a file that uses Molebox virtualization software.

    • UPX packed file

      Detects executables packed with the UPX open-source packer or a modified UPX build.

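Added example, not part of this report and not the sandbox's own detection logic: a standard-library Python script that (1) recomputes MD5/SHA1/SHA256/SHA512 for a file and checks them against the hashes listed above, so a retrieved sample can be confirmed to be this one before analysis, and (2) walks the PE section table and applies the classic UPX section-name heuristic (stock UPX names its sections UPX0/UPX1/UPX2). The PE blobs it runs on are constructed in the script and are not the report's sample; the section-name check is only a triage hint, since a modified UPX that renames sections defeats it, which is one reason signatures like the one above cannot rely on names alone.

```python
"""Hash verification plus a UPX section-name heuristic over a PE section table."""
import hashlib
import struct

# Hashes copied from the report for this sample.
REPORT_HASHES = {
    "md5": "5c031a79482ab9ec0455f447e161688f",
    "sha1": "202531e2b29503f14b86e3b4cedb91be12ff286b",
    "sha256": "4b63ed76419bbd4a80cf2281c7344b227aabc39862bcab8f164cd13744299ae9",
}


def file_hashes(data: bytes) -> dict:
    """Return md5/sha1/sha256/sha512 hex digests of the given bytes."""
    return {name: hashlib.new(name, data).hexdigest()
            for name in ("md5", "sha1", "sha256", "sha512")}


def matches_report(data: bytes, report: dict = REPORT_HASHES) -> bool:
    """True only if every hash listed in the report matches the data."""
    got = file_hashes(data)
    return all(got[k] == v.lower() for k, v in report.items())


def pe_section_names(data: bytes) -> list:
    """Walk DOS header -> PE signature -> IMAGE_FILE_HEADER -> section table
    and return the section names in order. Raises ValueError on non-PE input."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        raise ValueError("missing MZ header")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    # IMAGE_FILE_HEADER: Machine, NumberOfSections, TimeDateStamp,
    # PointerToSymbolTable, NumberOfSymbols, SizeOfOptionalHeader, Characteristics
    fh = struct.unpack_from("<HHIIIHH", data, e_lfanew + 4)
    num_sections, size_opt = fh[1], fh[5]
    table = e_lfanew + 4 + 20 + size_opt  # section table follows the optional header
    names = []
    for i in range(num_sections):
        off = table + i * 40  # IMAGE_SECTION_HEADER is 40 bytes; Name is the first 8
        raw = data[off:off + 8]
        if len(raw) < 8:
            raise ValueError("truncated section table")
        names.append(raw.rstrip(b"\0").decode("ascii", "replace"))
    return names


def looks_upx_packed(data: bytes) -> bool:
    """Heuristic only: stock UPX emits UPX0/UPX1/UPX2 section names.
    A modified UPX that renames sections will not be caught here."""
    return any(n.startswith("UPX") for n in pe_section_names(data))


def build_fake_pe(section_names) -> bytes:
    """Constructed sample: a header-only PE32 with the given section names.
    It is not executable and is not the sample from the report."""
    e_lfanew = 0x40
    dos = b"MZ" + b"\0" * (0x3C - 2) + struct.pack("<I", e_lfanew)
    size_opt = 0xE0  # PE32 optional header size
    file_hdr = struct.pack("<HHIIIHH", 0x14C, len(section_names), 0, 0, 0, size_opt, 0x102)
    opt = struct.pack("<H", 0x10B) + b"\0" * (size_opt - 2)  # PE32 magic, rest zeroed
    sections = b"".join(n.encode("ascii").ljust(8, b"\0") + b"\0" * 32
                        for n in section_names)
    return dos + b"PE\0\0" + file_hdr + opt + sections


# Constructed inputs used for demonstration.
SAMPLE_UPX = build_fake_pe(["UPX0", "UPX1", ".rsrc"])
SAMPLE_PLAIN = build_fake_pe([".text", ".rdata", ".data"])

if __name__ == "__main__":
    for label, blob in (("upx", SAMPLE_UPX), ("plain", SAMPLE_PLAIN)):
        print(label, pe_section_names(blob), "upx-names:", looks_upx_packed(blob),
              "matches-report:", matches_report(blob), file_hashes(blob)["sha256"])
```

To use it on a real file, read it with `open(path, "rb").read()`, call `matches_report` first so that a wrong download is caught before anything else, and treat a positive `looks_upx_packed` result as a cue to unpack (or dump at the OEP, as the signature above describes) rather than as a verdict.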