General

  • Target

    3294942d5e6af1d8aa29dc5b1b608b471b4a14e3e3e1683e7d3f5bf6c0b1fd74

  • Size

    84KB

  • Sample

    240605-zpqcgsab34

  • MD5

    5a825569d26955b984f5d975280fcac0

  • SHA1

    19f0d3ce2628228f7ea34c53c4dd290081ded452

  • SHA256

    3294942d5e6af1d8aa29dc5b1b608b471b4a14e3e3e1683e7d3f5bf6c0b1fd74

  • SHA512

    e638f6111f0d05b11a67965b2f2c9a2541c91908c7edcd2711830ab98ea92294d1664b559c4b9d9398cea57ae4c0e04266dacd3cb5824371da2b827163227f04

  • SSDEEP

    1536:9Q8hoOAesfYvcyjfS3H9yl8Q1pmdBcxedLxNDIgt7WxZKmNDnX77lY8/X5QgrciQ:ymb3NkkiQ3mdBjFIgte0mNb77Bptfc

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • UPX dump on OEP (original entry point)

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with the UPX open-source packer or a modified version of it.
