General

  • Target

    4b3477a67cc56577b2896936eea9b454c8527d349e358ef6c402d268a9523821

  • Size

    93KB

  • Sample

    240620-1qccpasfrl

  • MD5

    6d50ff9057b57c4f39499ba0dfddfea1

  • SHA1

    9d8c8163cd161222e96198b7d60b901a96af51e9

  • SHA256

    4b3477a67cc56577b2896936eea9b454c8527d349e358ef6c402d268a9523821

  • SHA512

    9568d1cdcad6d94cc9059b6353316eccd76b3f9d2246fe7e2df1b3321269c529e08ffb79fbcaf58e1f14c76052771b3bf7c6d2c420702e61f87970da8c4e775c

  • SSDEEP

    1536:8vQBeOGtrYS3srx93UBWfwC6Ggnouy80fg3Cip8iXAsG5M0u5YoWpB:8hOmTsF93UYfwC6GIout0fmCiiiXA6m7

Malware Config

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • UPX dump on OEP (original entry point)

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified version of it.

MITRE ATT&CK Matrix

Tasks