General

  • Target

    05b89a022b151fad24841189b3561d22a3812396849a96d13294854f3bdcbc85

  • Size

    380KB

  • Sample

    240606-w24tvshh6t

  • MD5

    4889b3c865c2ab068b8052f03f57b761

  • SHA1

    5086eab083acc78ddbe48948b396e93335c422bb

  • SHA256

    05b89a022b151fad24841189b3561d22a3812396849a96d13294854f3bdcbc85

  • SHA512

    3b86e9a7728472fbf2f0e8fd4ae341f5da2753aaaecf354128533f413c0f4ca630b31bb99098d3c8cfaa320b76d675a5db06dd630f615d098ed6644bd0950f26

  • SSDEEP

    6144:Ocm4FmowdHoSsm4FIc1/cm4FmowdHoSsiNlcJcmHYC9/jvvfwL+TLPfSRcm4FVoJ:w4wFHoSl4h4wFHoS24yTgL+zfu4/FHox

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • UPX dump on OEP (original entry point)

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified version of it.