General

  • Target: 2ce302aee70297a3200294a5daa67debd4c9d6e43481d384488eedb7005d1976
  • Size: 585KB
  • Sample: 240605-y9lz5agg4t
  • MD5: 59cbf49203f61d618af5c27b7bcb4008
  • SHA1: b665a24f513614f966cec59e1dd06d30787bc947
  • SHA256: 2ce302aee70297a3200294a5daa67debd4c9d6e43481d384488eedb7005d1976
  • SHA512: 7a3d1e1ffa61efc98fc3424c39a898fd09e4f9a782fc1133d275a4cae256034956f14aea8b08c514ef8ed95d7215eda3d0144f2c1228b8f8971a96238c66facb
  • SSDEEP: 12288:n3C9ytvngQjuPh2kkkkK4kXkkkkkkkkl888888888888888888nusMH0QiZQ:SgdnJKPh2kkkkK4kXkkkkkkkkJQ

Malware Config

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • UPX dump on OEP (original entry point)

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Matrix

Tasks