General

  • Target

    4de3dc565325238f4fedf0a17bb96b5c58e6f1471809b25edb5ffefb22667698

  • Size

    54KB

  • Sample

    240605-2jrpgaah8x

  • MD5

    cde6e80d70b1152bffde32b4a45ec0f4

  • SHA1

    46cffb62af27d803d45f7b230666093103493a15

  • SHA256

    4de3dc565325238f4fedf0a17bb96b5c58e6f1471809b25edb5ffefb22667698

  • SHA512

    673bd9416afd88b20da3fc16feaa1aa70c0143ce9c36b62a80d88d751a789f6f776fcf656dc366756bae0f5a61c81822a8ae619b8f2730e743086394995ac94b

  • SSDEEP

    1536:9Q8hoOAesfYvcyjfS3H9yl8Q1pmdBcxedLxNDIfoh:ymb3NkkiQ3mdBjFIQh

Malware Config

Targets

    • Target

      4de3dc565325238f4fedf0a17bb96b5c58e6f1471809b25edb5ffefb22667698

    • Size

      54KB

    • MD5

      cde6e80d70b1152bffde32b4a45ec0f4

    • SHA1

      46cffb62af27d803d45f7b230666093103493a15

    • SHA256

      4de3dc565325238f4fedf0a17bb96b5c58e6f1471809b25edb5ffefb22667698

    • SHA512

      673bd9416afd88b20da3fc16feaa1aa70c0143ce9c36b62a80d88d751a789f6f776fcf656dc366756bae0f5a61c81822a8ae619b8f2730e743086394995ac94b

    • SSDEEP

      1536:9Q8hoOAesfYvcyjfS3H9yl8Q1pmdBcxedLxNDIfoh:ymb3NkkiQ3mdBjFIQh

    • Blackmoon, KrBanker

      Blackmoon also known as KrBanker is banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • UPX dump on OEP (original entry point)

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Matrix

Tasks