General

  • Target

    7b3d8591ec302610638d8d6e1de3a222edbbdb576e44f6e3e20761a91eb491c5

  • Size

    373KB

  • Sample

    240606-bp5keade6z

  • MD5

    1953e4ed98cf8cffff7626e732cd2b2b

  • SHA1

    69feac1d96c578deb6d5b437938476af8dbf4a16

  • SHA256

    7b3d8591ec302610638d8d6e1de3a222edbbdb576e44f6e3e20761a91eb491c5

  • SHA512

    ce113fa2d2b6d0bf6cbeac80a593e81089a54a870a18c94d451b182837743aca81b869eb1612e2726d2ed0c3523effadc2fe7c7469e7ca33f84f0db8f6b49520

  • SSDEEP

    6144:n3C9BRIG0asYFm71mJl3/X8mak5gNv9rC8IwLaYNUvtTxTKMMO:n3C9uYA7i3/stR9HGYyvtTxTKMf

Malware Config

Targets

    • Target

      7b3d8591ec302610638d8d6e1de3a222edbbdb576e44f6e3e20761a91eb491c5

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • UPX dump on OEP (original entry point)

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Matrix

Tasks