General

  • Target

    359d6f07a15134035f728e8c48871a8c8f6bd20b2925e300d9cd2afaaa2388eb

  • Size

    155KB

  • Sample

    240605-zt6v2ahd2t

  • MD5

    00574153d4c4b1510048defc76364448

  • SHA1

    7f06e11fca9af62760daa66f19aee5fc64ae5671

  • SHA256

    359d6f07a15134035f728e8c48871a8c8f6bd20b2925e300d9cd2afaaa2388eb

  • SHA512

    461cb8da76927398754c8ca7fc191db37f6fbfdef2912c6e5a24931d9abe55895e821f88eeea06ac2db37ad99c0308f2ad71d14235430b95ba3672dac4acfda6

  • SSDEEP

    3072:ymb3NkkiQ3mdBjFIi/0RU6QeYQsm71vPmX5k2LrCimBaH8UH303S:n3C9BRIG0asYFm71mJkzpaH8m3j

Malware Config

Targets

    • Target

      359d6f07a15134035f728e8c48871a8c8f6bd20b2925e300d9cd2afaaa2388eb

    • Size

      155KB

    • MD5

      00574153d4c4b1510048defc76364448

    • SHA1

      7f06e11fca9af62760daa66f19aee5fc64ae5671

    • SHA256

      359d6f07a15134035f728e8c48871a8c8f6bd20b2925e300d9cd2afaaa2388eb

    • SHA512

      461cb8da76927398754c8ca7fc191db37f6fbfdef2912c6e5a24931d9abe55895e821f88eeea06ac2db37ad99c0308f2ad71d14235430b95ba3672dac4acfda6

    • SSDEEP

      3072:ymb3NkkiQ3mdBjFIi/0RU6QeYQsm71vPmX5k2LrCimBaH8UH303S:n3C9BRIG0asYFm71mJkzpaH8m3j

    • Blackmoon, KrBanker

      Blackmoon also known as KrBanker is banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • UPX dump on OEP (original entry point)

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Matrix

Tasks