General

  • Target

    53089aa4c84262a0ba63c318694adffb0fa6f69a7df1cab5f191d2230fd1e023

  • Size

    345KB

  • Sample

    240605-2w6n6abc3t

  • MD5

    d4e54f4a38367c1ed76cf4d9400757fe

  • SHA1

    56cdd4728959cd86d779859a9729082c18549281

  • SHA256

    53089aa4c84262a0ba63c318694adffb0fa6f69a7df1cab5f191d2230fd1e023

  • SHA512

    3759740a4d13321fdc124c96b9beea7b81bc51531d29268ac57b11f8de7ed4a125face8c881ae52133c9986714692091744624032fb453c408075a9029e7aab8

  • SSDEEP

    6144:n3C9BRo/AIX2MUXownfWQkyCpxwJz9e0pQowLh3EhToK9cT085mnFhXjmnwJQyIg:n3C9uDnUXoSWlnwJv90aKToFqwfIBG

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • UPX dump on OEP (original entry point)

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
