General

  • Target

    76bd2f8043e3e7813400927ab9746d989a714b3e7eb3109fa3571b2a7a535097

  • Size

    307KB

  • Sample

    240606-bdgn7sdc4w

  • MD5

    28342102048a3bd1c26d98a42da93307

  • SHA1

    f08b28d7b59d15f4f61255806fe44f158e63b833

  • SHA256

    76bd2f8043e3e7813400927ab9746d989a714b3e7eb3109fa3571b2a7a535097

  • SHA512

    9fedde58b17c92d5ce8b948643ce788f1bfb20454b3a37197cf2000b4f306a5507943d62428cc7be8e6bcb85dc40a7e91cc9151370b225e5a94171b25126b985

  • SSDEEP

    3072:ymb3NkkiQ3mdBjFo7LAIRUohDLS0k+sLiiBVS0ILlMcGGW7sRCl9eMMG:n3C9BRo/AIuunS3+sOiBVSXxMxTsm9eq

Targets

    • Target

      76bd2f8043e3e7813400927ab9746d989a714b3e7eb3109fa3571b2a7a535097

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • UPX dump on OEP (original entry point)

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
