General

  • Target

    Compressed.rar

  • Size

    571KB

  • Sample

    240606-sblc2sgf78

  • MD5

    9fb7ce9af5862c17c546de2952e3ebfb

  • SHA1

    61af0d19899417013a5e930c3440d1a7f93e03f5

  • SHA256

    0e087ce3f614147d54375ee8233856f7b94b7ed1ac48f83fb58bb1a2ebb34cf3

  • SHA512

    fcb723f04b04c44e95898f17202c44e693a594a43702a19761f6f5283df5907397e197c92f09ba375316ef83b6b2b7a0a1acc5b6c1bb80994ffeef9763db8210

  • SSDEEP

    12288:IY+H/0TLRdMKXrQsYqymcujFXI1g3S5gZ0y:B+sn/XrQs7y/sdI1g3iUl

Score
10/10

Targets

    • Target

      11x/project7.exe

    • Size

      278KB

    • MD5

      f2b666eb52c25c4ca699ac5ebc1741bc

    • SHA1

      628f01c55d170b5617a0588f365ba39a72d83b34

    • SHA256

      97d61372f6c31d912712c304ab53430508bd0c8eaa4ad35d090d2c753ed49822

    • SHA512

      3cba19b7fedf086377b82e3a9877eb9fcdb7829e55f25707dbb4d01deb7fad58740dbd40dfa0de8451c3f006b306b0ca6be792be1e2f5372377ebeca7fdd7ed6

    • SSDEEP

      3072:SFZIq1bW5UHG82V2K7tL5XSyw1RX4kkQkkJkkQkk0dkkkkkkkkkkk7Ykkkkk/kjl:SFqqrH12V2Kxkyw1jv

    Score
    1/10
    • Target

      11x/人员表格.exe

    • Size

      288KB

    • MD5

      55a5db248fd8dc3c039813b80f14b200

    • SHA1

      becac761f325fdd74bc61f07da8027634b850115

    • SHA256

      d3afc59c269bdfe146cf1778c29f33c929f0c630a12b9268f2cdc91f7b96e552

    • SHA512

      0b5beeaf158030f3c4e970731f3e7598b3c093e5f82563b52406ee4bbd02a997067d5f301b74311be29371f9962a0e5c8994824b9fc04ace26b0e4c09849c960

    • SSDEEP

      6144:dx+2gbNfOck/eh2nYsNSqVe71LNOa7x0igyq:dx+VbNfOs2nNVVe7lN5E

    Score
    10/10
    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Target

      11x/票NMHZXBIM6011.exe

    • Size

      143KB

    • MD5

      b50109eac911943b9bbb76f8f0c3a660

    • SHA1

      0cbbbc3c26d46a3a26a544285d0e3128d1958d54

    • SHA256

      291dbf192884f0209229385137c69057ee7734c53a1e5c787b5ea9ed294cc6a3

    • SHA512

      23bd90c757945344aa389da4d52b5a2981793fc218372a424058040654cc282f07f0a02905207d2d2ce788865010a67672860743ca794c65a3ff4cfb4503b481

    • SSDEEP

      3072:OJUTdWP4TPHSt9bYs6cEY3LtXDjYYMaAPOkYy7//3kg:9ThmtvqY3Ltzc1jb

    Score
    1/10
    • Target

      11x/表格_setup6006.exe

    • Size

      143KB

    • MD5

      2c8bd43c4ddf1fe70f7cf401368a843c

    • SHA1

      effb8a412d74aed67274ada9a7a5afef9eafd151

    • SHA256

      a64e66a8f83e6d40c2547ecece3689f256436b29aa9531f27c84329d0d595736

    • SHA512

      f4023756cb871b50125024998f49f14a9c9eff6b98c3dd941aadeff305fd17c5b24085deb4e0aa60c9e1a9a956bfa2e181ad758db2d55c49b8eee2b27036cb2d

    • SSDEEP

      3072:LRUTNWP4TPHSt9bYs6cEY3LtXDjMYMVAvVy7//3kg:qTRmtvqY3LtzY1y

    Score
    1/10
    • Target

      ²éѯÈë¿ÚÉè¼Æ³ÌÐò0015/查询入口设计程序0015.exe

    • Size

      280KB

    • MD5

      965b793711d92b5f2e96e4ced3ce055b

    • SHA1

      6bbe4c773a8270c7bb1f4ae06e86d726a2b15ae2

    • SHA256

      d17748267d0b867a6a7f137d2851fd0bdce52af1179c483f41e08ca90e4c665e

    • SHA512

      02fbd0d4818a3a5088f8c161e8eabdf98c9c918f20589286cdb861f926081b5b6dec05a8357145c85c926be0b8d5d1a4bb2c584e7f6e2a14063ec80aa62af9c1

    • SSDEEP

      3072:3wLj3wHB2StGn0WgzBRrlOhLmOhm0QoObGtrZPAKjWjxe2ihPNkJX8Cr8Qa3Ef6N:3w+2gbNfOcWPule7kJX8CBwaG35JMc

    Score
    10/10
    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload
