General

  • Target

    4c9a6f8a0e06d30a9e0f6fdc866536eb56ed856c84512d3199b0b02a9837b460

  • Size

    294KB

  • Sample

    240605-2f5f6abg66

  • MD5

    b6446541d2eca67753c71c103be69ea9

  • SHA1

    14da7d13147f5265c1484a8fb42d1a61b82785c8

  • SHA256

    4c9a6f8a0e06d30a9e0f6fdc866536eb56ed856c84512d3199b0b02a9837b460

  • SHA512

    1d4e3dbd60e1ad8c18b3952e1b50b67f3958bea64311d606b98dbd05e1dbdd932b1e7bda5ac97ecfbe6c009afc4d954641899f7baa231cec3bec03e086b79dd7

  • SSDEEP

    6144:ccm4FmowdHoSQkuObHq9ltAszBd+za/p1slTjZXvEQo9dftOr:K4wFHoSQkuUHk1zBR/pMT9XvEhdfa

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • UPX dump on OEP (original entry point)

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
