General

  • Target

    1637a3b39999e678f621c53d4deeef3fb049436ff9502c6c7005a2c7c15032d8

  • Size

    77KB

  • Sample

    240605-xvv4tafa6z

  • MD5

    67b87f756e50dba35bdfe150de6c828d

  • SHA1

    83c9e23ee5d4dd26a07f9a6be7e9cb8a4a2eb384

  • SHA256

    1637a3b39999e678f621c53d4deeef3fb049436ff9502c6c7005a2c7c15032d8

  • SHA512

    e7a108d2ac662d06ba3e047793d52dd51ad0555ed3d1a783c7bfaf6dba29502413ded73e6264cd4960f5de7a80d5c43feff89694863dd4f4c5258fa2e32b69db

  • SSDEEP

    1536:9Q8hoOAesfYvcyjfS3H9yl8Q1pmdBcxedLxNDo73tgygQwKjiawEmBO:ymb3NkkiQ3mdBjFo73thgQ/wEkO

Malware Config

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • UPX dump on OEP (original entry point)

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with the UPX open-source packer or a modified UPX variant.

MITRE ATT&CK Matrix

Tasks