General

  • Target

    4cab5aab5ca256ab3c7b6e00a140c364ea0b2b08c042090570048e5b3b239906

  • Size

    493KB

  • Sample

    240605-2ga9psah3x

  • MD5

    2e7279ad9d2492d5c9180afa6a054509

  • SHA1

    54ce24c81a3461387c1aa192a9343224604a33e9

  • SHA256

    4cab5aab5ca256ab3c7b6e00a140c364ea0b2b08c042090570048e5b3b239906

  • SHA512

    a37a18bb40b53190786ae0f832930384d59d1a1bf3d2d10d88c357c70767cb71d43c131eda6ffe7d3736125fbd3e025f20faae765cd7b0e7318045553a4b211d

  • SSDEEP

    6144:n3C9BRo7MlrWKo+lS0Le4xRSAoq78yoyfx93svqTbWL5wEpOQ9DRRk:n3C9yMo+S0L9xRnoq7H9QYcmeN9Dc

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • UPX dump on OEP (original entry point)

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
