General

  • Target

    290433e6903eeceb13f51f379853340bcda218cc0597c65b99b5f227c624c8f2

  • Size

    233KB

  • Sample

    240605-y2h89sge2v

  • MD5

    8de7d1d133828e59186f43b517d70e69

  • SHA1

    139278775f41c0c47f05625ff38014113372abb5

  • SHA256

    290433e6903eeceb13f51f379853340bcda218cc0597c65b99b5f227c624c8f2

  • SHA512

    6808476c5c9fdb9b16a4c01442edb58537c6f0d729f85dd5cc5ee6d13ca24d71ecdedd8c321c767e8579821797ebeb5086738eb77552b22302d98e0a9d17bfb4

  • SSDEEP

    3072:ymb3NkkiQ3mdBjFo7LAIRUohTF/SjSrbzLAuBjfwFOmoFzMvUpGqC5n+M:n3C9BRo/AIuuFSjA8uBjwI7FjpjC5+M

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • UPX dump on OEP (original entry point)

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
