General

  • Target

    51878bd023d031af540c145b5a1be4453d7fc2d12bde377d3159069a37ea0d6b

  • Size

    77KB

  • Sample

    240605-2r57tsca69

  • MD5

    bcf6f92701d7e52f7cffc262158b58ae

  • SHA1

    df31cbf5a8661fb20d0557d0bd3c235830bc4802

  • SHA256

    51878bd023d031af540c145b5a1be4453d7fc2d12bde377d3159069a37ea0d6b

  • SHA512

    012f99c1f2dcc3a24a28d35900e38d6cfaae2e77bdc9ba78f98c0e398c9d25619f6d6aa90e11193c0f63cf54c3d897901ccb29a7f2f305cd6da55db10dd828b2

  • SSDEEP

    1536:9Q8hoOAesfYvcyjfS3H9yl8Q1pmdBcxedLxNDIIpIo60L9QrrAS:ymb3NkkiQ3mdBjFIIp9L9QrrAS

Malware Config

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • UPX dump on OEP (original entry point)

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Matrix

Tasks