General

  • Target

    f33ceeb95034235396d86b1c9ebbabe55dd6a4573c09a83cd7a3ec1a19027981

  • Size

    180KB

  • Sample

    240605-f72npagd37

  • MD5

    9269b5748b0c0d5d8d5e25c32e2ea715

  • SHA1

    bace2740faf4e0bc3ebd1331ac99cdcd70403d36

  • SHA256

    f33ceeb95034235396d86b1c9ebbabe55dd6a4573c09a83cd7a3ec1a19027981

  • SHA512

    796b5d93a8ad1e868f606e0268268c93d03540be71f6955df78ed77ff0ef59b9b3b325ffeb3857c6db503561d590152284f24583d17e57237937a2b2becbc919

  • SSDEEP

    1536:PvQBeOGtrYSSsrc93UBIfdC67m6AJiqgT4+IJPhbMC:PhOm2sI93UufdC67ciJTm5hIC

Malware Config

Targets

    • Target

      f33ceeb95034235396d86b1c9ebbabe55dd6a4573c09a83cd7a3ec1a19027981

    • Size

      180KB

    • MD5

      9269b5748b0c0d5d8d5e25c32e2ea715

    • SHA1

      bace2740faf4e0bc3ebd1331ac99cdcd70403d36

    • SHA256

      f33ceeb95034235396d86b1c9ebbabe55dd6a4573c09a83cd7a3ec1a19027981

    • SHA512

      796b5d93a8ad1e868f606e0268268c93d03540be71f6955df78ed77ff0ef59b9b3b325ffeb3857c6db503561d590152284f24583d17e57237937a2b2becbc919

    • SSDEEP

      1536:PvQBeOGtrYSSsrc93UBIfdC67m6AJiqgT4+IJPhbMC:PhOm2sI93UufdC67ciJTm5hIC

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • UPX dump on OEP (original entry point)

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX or with a modified build of the open-source UPX packer.
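
The signatures above (UPX packed file, UPX dump on OEP) are the sandbox's own rules and are not reproduced on this page. As an added example, not the sandbox's code, the script below shows the structural checks a practitioner would run by hand on a sample like this one: it walks the PE section table and reports the three usual UPX tells (UPX0/UPX1 section names, the "UPX!" pack-header magic, and a first section that is empty on disk but large in memory, which survives the section renaming a "modified UPX" build does), and it computes the MD5/SHA1/SHA256/SHA512 set the report lists so the file on disk can be checked against the page. The PE-like byte blobs it runs on are constructed in the script purely for testing; the offsets come from the PE/COFF specification, and nothing here is the real sample.

```python
import hashlib
import struct

# Offsets from the PE/COFF specification (not from the report page)
E_LFANEW_OFFSET = 0x3C      # DOS header field pointing at "PE\0\0"
COFF_HEADER_LEN = 20
SECTION_HEADER_LEN = 40


def parse_sections(data: bytes) -> list:
    """Walk the section table; return [(name, VirtualSize, SizeOfRawData)]."""
    if data[:2] != b"MZ":
        raise ValueError("not a DOS/PE image")
    e_lfanew = struct.unpack_from("<I", data, E_LFANEW_OFFSET)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    coff = e_lfanew + 4
    num_sections = struct.unpack_from("<H", data, coff + 2)[0]
    size_opt = struct.unpack_from("<H", data, coff + 16)[0]
    table = coff + COFF_HEADER_LEN + size_opt
    sections = []
    for i in range(num_sections):
        off = table + i * SECTION_HEADER_LEN
        name = data[off:off + 8].rstrip(b"\0").decode("ascii", "replace")
        vsize, _vaddr, rsize = struct.unpack_from("<III", data, off + 8)
        sections.append((name, vsize, rsize))
    return sections


def upx_indicators(data: bytes) -> dict:
    """Three cheap UPX tells, strongest first; 'verdict' summarises them."""
    sections = parse_sections(data)
    names = [s[0] for s in sections]
    ind = {
        # stock UPX names its sections UPX0/UPX1 (UPX2 when resources are kept)
        "upx_section_names": any(n.startswith("UPX") for n in names),
        # the "UPX!" pack-header magic usually survives version-string edits
        "upx_magic": b"UPX!" in data,
        # UPX's first section is the unpack buffer: zero bytes on disk,
        # large in memory. Survives renaming, so it catches modified UPX.
        "empty_first_section": bool(sections)
        and sections[0][2] == 0 and sections[0][1] > 0,
    }
    if ind["upx_section_names"] or ind["upx_magic"]:
        ind["verdict"] = "upx"
    elif ind["empty_first_section"]:
        ind["verdict"] = "upx_modified_suspect"
    else:
        ind["verdict"] = "none"
    return ind


def hash_set(data: bytes) -> dict:
    """The digest set a sandbox report lists; compare against the page."""
    return {a: hashlib.new(a, data).hexdigest()
            for a in ("md5", "sha1", "sha256", "sha512")}


def build_sample(section_names: list, first_raw_size: int, body: bytes) -> bytes:
    """Constructed minimal PE-like image for testing only: DOS header, PE
    signature, COFF header with an empty optional header, section table,
    then `body`. Not a real or runnable executable."""
    e_lfanew = 0x40
    dos = b"MZ" + b"\0" * (E_LFANEW_OFFSET - 2) + struct.pack("<I", e_lfanew)
    coff = struct.pack("<HHIIIHH", 0x14C, len(section_names), 0, 0, 0, 0, 0x102)
    table = b""
    for i, name in enumerate(section_names):
        raw = first_raw_size if i == 0 else 0x1000
        table += name.ljust(8, b"\0") + struct.pack(
            "<IIII", 0x10000, 0x1000 * (i + 1), raw, 0x400) + b"\0" * 16
    return dos + b"PE\0\0" + coff + table + body


# Constructed test inputs: stock UPX layout, a renamed-section variant, and a plain file
STOCK_UPX = build_sample([b"UPX0", b"UPX1", b".rsrc"], 0, b"\0" * 8 + b"UPX!")
RENAMED_UPX = build_sample([b".text", b".data"], 0, b"\0" * 16)
PLAIN = build_sample([b".text", b".data"], 0x1000, b"\0" * 16)

if __name__ == "__main__":
    for label, blob in (("stock", STOCK_UPX), ("renamed", RENAMED_UPX), ("plain", PLAIN)):
        print(label, upx_indicators(blob)["verdict"], hash_set(blob)["sha256"][:16])
```

On a real file, read it in binary mode and pass the bytes to both functions; a sample that only trips the empty-first-section check is where a "modified UPX" verdict would come from, and is the case where an automated unpacker (the "UPX dump on OEP" step above) is more reliable than `upx -d`.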
