General

  • Target

    53d2bf6a7afb2e619b0a1647757632500276634280cdb9c36b48ce0f73af0b37

  • Size

    100KB

  • Sample

    240605-2x4aescb76

  • MD5

    4a424b4b5cc2acbb50bc352476be7cd7

  • SHA1

    cf2c4f0faf9a774038d3cabe02e2ce26835343e7

  • SHA256

    53d2bf6a7afb2e619b0a1647757632500276634280cdb9c36b48ce0f73af0b37

  • SHA512

    01f9d89ebb305d829d4d42941d16e89370eda4e5e1eb2ca232db75bb345791b1ab6b22710dd08c797ade59b214cdf0d37da7717271a6ee78c8bd0e2b9157a041

  • SSDEEP

    1536:9Q8hoOAesfYvcyjfS3H9yl8Q1pmdBcxedLxNDodtzn6zDaE0R59:ymb3NkkiQ3mdBjFodt2zE39

Malware Config

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • UPX dump on OEP (original entry point)

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with the UPX open-source packer or a modified variant of it.

MITRE ATT&CK Matrix

Tasks