General

  • Target

    fca1897a06cbcba099a322b427f279fe9f22a6fc7c7040a251ccb8ffa0a901d6

  • Size

    70KB

  • Sample

    240606-kvxanada82

  • MD5

    3bc3c7e26ed76110f56da10eda6da370

  • SHA1

    9314aa17250f671d09347c1d34711bc9d33673aa

  • SHA256

    fca1897a06cbcba099a322b427f279fe9f22a6fc7c7040a251ccb8ffa0a901d6

  • SHA512

    af3a1b6bb22d7b52837d854236ed8f9a96115d0b9dff8b04ab761fe9260e7acb1aa47344601bbdb4e16fa23c4733c5c3be5c6d4aebecf5bbf02766b8911d100c

  • SSDEEP

    1536:9Q8hoOAesfYvcyjfS3H9yl8Q1pmdBcxedLxND0yUwcsbYgA:ymb3NkkiQ3mdBjF0yjcsMgA

Malware Config

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • UPX dump on OEP (original entry point)

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Matrix

Tasks