General

  • Target

    232ddd2a345a289ba5b617ecfa39dd7b47e9bbf7305eb1ad74f924a5a2a3d3ba

  • Size

    82KB

  • Sample

    240605-ymmyxafh9z

  • MD5

    e53f570a7addb5a2a7d8452d7f57feed

  • SHA1

    2f886116266d341f05a8b00329cc7015c4986d75

  • SHA256

    232ddd2a345a289ba5b617ecfa39dd7b47e9bbf7305eb1ad74f924a5a2a3d3ba

  • SHA512

    b3d5085d6e84b7ca5b238242fa7413edf4424e310411198a7cf645d5b54b141dbb81160d266fbdf64866e21419ef1e9257f42ae4d3a0a443892f5a20826d1b0a

  • SSDEEP

    1536:9Q8hoOAesfYvcyjfS3H9yl8Q1pmdBcxedLxNDoAXPfgr2hKmdbcPi2vD:ymb3NkkiQ3mdBjFo6Pfgy3dbc/D

Malware Config

Targets

    • Target

      232ddd2a345a289ba5b617ecfa39dd7b47e9bbf7305eb1ad74f924a5a2a3d3ba

    • Size

      82KB

    • MD5

      e53f570a7addb5a2a7d8452d7f57feed

    • SHA1

      2f886116266d341f05a8b00329cc7015c4986d75

    • SHA256

      232ddd2a345a289ba5b617ecfa39dd7b47e9bbf7305eb1ad74f924a5a2a3d3ba

    • SHA512

      b3d5085d6e84b7ca5b238242fa7413edf4424e310411198a7cf645d5b54b141dbb81160d266fbdf64866e21419ef1e9257f42ae4d3a0a443892f5a20826d1b0a

    • SSDEEP

      1536:9Q8hoOAesfYvcyjfS3H9yl8Q1pmdBcxedLxNDoAXPfgr2hKmdbcPi2vD:ymb3NkkiQ3mdBjFo6Pfgy3dbc/D

    • Blackmoon, KrBanker

      Blackmoon also known as KrBanker is banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • UPX dump on OEP (original entry point)

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Matrix

Tasks