General

  • Target

    7c4f3aac43227aa436759c435d20465ef14ed6010257821b436b9be3d5cce9a0

  • Size

    84KB

  • Sample

    240606-bsehdsdf4v

  • MD5

    1c1a572987c052cee0200c1f0260ec68

  • SHA1

    ecafd443047bd20d74452dab2d2de1bb0dfb0e75

  • SHA256

    7c4f3aac43227aa436759c435d20465ef14ed6010257821b436b9be3d5cce9a0

  • SHA512

    60b61f91ec643be015df8c518fa7e80d6fb938a02195b3374a56aba64151ac28f9ae8b2e1887bfc6e4be188f3340b354ab2a50a3ac24a7493d152508b7af527d

  • SSDEEP

    1536:9Q8hoOAesfYvcyjfS3H9yl8Q1pmdBcxedLxNDIJSLCBCO+HlMO7s0yL+P:ymb3NkkiQ3mdBjFIwLMoHW8yL+P

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • UPX dump on OEP (original entry point)

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with the UPX open source packer or a modified version of it.
