General

  • Target

    1d280cb2d81d6d08c01699057e643d226111a823e83ce4057c0434a37577fdac

  • Size

    453KB

  • Sample

    240605-ybqknafe6t

  • MD5

    59a202eafe377711bde89b14c1bcea7f

  • SHA1

    2aca446acbb373367fc83b5300db10dfc67dbc29

  • SHA256

    1d280cb2d81d6d08c01699057e643d226111a823e83ce4057c0434a37577fdac

  • SHA512

    e5cde5435210dcde291061aa949dcb478a477fec8288aadb6fe7d97e77ec3d51177e569f158e051d5b1d3893cfde810e9af2d588f9f9fb55db86e3ad3a197187

  • SSDEEP

    6144:rcm4FmowdHoSphraHcpOaKHpXfRo0V8JcgE+ezpg1xrloBNTNmv:x4wFHoS3eFaKHpv/VycgE81lg6

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • UPX dump on OEP (original entry point)

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified UPX.
