General

  • Target

    5f0ebabf189088b5fc2e06523bc13265aae569c79eb51f04927ed067c038e746

  • Size

    77KB

  • Sample

    240620-2hx5vszhrg

  • MD5

    2190fc62827c8615b290e17deddea1c8

  • SHA1

    b8cfd40e4933c82752ab48d2d806913ba41fb14d

  • SHA256

    5f0ebabf189088b5fc2e06523bc13265aae569c79eb51f04927ed067c038e746

  • SHA512

    d7482adb8b3e741819c098579f56fe8b4bfe763249408230bab583eeb430d294c57050dff319aaba42c7e7e9516d2f6e25ed288d3146f523a46db15c454baedd

  • SSDEEP

    1536:9Q8hoOAesfYvcyjfS3H9yl8Q1pmdBcxedLxNDoAX8gu3Gno9yvrjKK:ymb3NkkiQ3mdBjFo68t3Gno9IB
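The hash block above is what lets an analyst confirm that a file on disk is the same artifact this report describes. The following Python is an added example, not part of the sandbox report: it recomputes the four digests for an arbitrary byte string, compares them against the values listed in the report, and parses the SSDEEP signature into its block size and two hash strings. The block-size estimate follows ssdeep's documented rule (the smallest 3·2^n whose value times 64 covers the input size); the sample input is constructed inline and is not the Blackmoon binary.

```python
import hashlib

# Values copied from the report above (not computed here).
REPORT_HASHES = {
    "md5": "2190fc62827c8615b290e17deddea1c8",
    "sha1": "b8cfd40e4933c82752ab48d2d806913ba41fb14d",
    "sha256": "5f0ebabf189088b5fc2e06523bc13265aae569c79eb51f04927ed067c038e746",
    "sha512": "d7482adb8b3e741819c098579f56fe8b4bfe763249408230bab583eeb430d294"
              "c57050dff319aaba42c7e7e9516d2f6e25ed288d3146f523a46db15c454baedd",
}
REPORT_SSDEEP = ("1536:9Q8hoOAesfYvcyjfS3H9yl8Q1pmdBcxedLxNDoAX8gu3Gno9yvrjKK"
                 ":ymb3NkkiQ3mdBjFo68t3Gno9IB")
REPORT_SIZE_BYTES = 77 * 1024  # "77KB" in the report, taken as an approximation

ALGOS = ("md5", "sha1", "sha256", "sha512")


def digest_set(data: bytes) -> dict:
    """Compute the same four digests the report lists, as lowercase hex."""
    return {name: hashlib.new(name, data).hexdigest() for name in ALGOS}


def verify_sample(data: bytes, expected: dict) -> dict:
    """Per-algorithm match of computed digests against the report's values.

    All four must agree for the file to be the reported sample; a single
    mismatch means a different file (or a corrupted/partial download).
    """
    computed = digest_set(data)
    return {name: computed[name] == expected[name].lower() for name in expected}


def parse_ssdeep(signature: str) -> tuple:
    """Split an ssdeep signature 'blocksize:hash1:hash2' and sanity-check it.

    ssdeep block sizes are always 3 * 2**n, so anything else indicates a
    mangled or hand-edited signature.
    """
    parts = signature.split(":", 2)
    if len(parts) != 3:
        raise ValueError("ssdeep signature must have exactly three ':'-separated fields")
    block_size = int(parts[0])
    quotient = block_size // 3
    if block_size % 3 != 0 or quotient <= 0 or quotient & (quotient - 1) != 0:
        raise ValueError(f"invalid ssdeep block size {block_size}")
    return block_size, parts[1], parts[2]


def expected_blocksize(file_size: int) -> int:
    """Initial block size ssdeep picks for a file of this size.

    ssdeep starts at 3 and doubles until block_size * 64 >= file_size. It may
    later halve the block size once if the first hash comes out too short, so
    treat this as a consistency check, not an exact rule.
    """
    block_size = 3
    while block_size * 64 < file_size:
        block_size *= 2
    return block_size


if __name__ == "__main__":
    # Constructed stand-in for a downloaded file; it is NOT the reported sample.
    candidate = b"constructed placeholder bytes, not the Blackmoon/KrBanker sample"
    print("matches report:", verify_sample(candidate, REPORT_HASHES))
    bs, h1, h2 = parse_ssdeep(REPORT_SSDEEP)
    print("ssdeep block size:", bs, "expected for 77KB:", expected_blocksize(REPORT_SIZE_BYTES))
```

Run it against a real download by replacing `candidate` with the file's bytes; the SSDEEP block size 1536 is exactly what ssdeep picks for a file of roughly 77 KB, so the Size and SSDEEP lines of the report are consistent with each other.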

Malware Config

Targets

    • Target

      5f0ebabf189088b5fc2e06523bc13265aae569c79eb51f04927ed067c038e746

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • UPX dump on OEP (original entry point)

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified variant of it.
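The "UPX packed file" signature above fires on structural traits of a UPX-packed PE. As an added example (not the sandbox's own detection rule), the Python below parses the PE section table with nothing but `struct` and reports three such traits: section names beginning with `UPX`, a first section with a non-zero VirtualSize but zero SizeOfRawData (the empty region the stub unpacks into), and the `UPX!` magic from UPX's own header near the start of the file. Both PE images it inspects are constructed inline from header fields; neither is the reported sample, and the two-of-three scoring threshold is this example's choice, meant to still catch packers that only rename the sections.

```python
import struct

# --- minimal PE parsing -------------------------------------------------------

def pe_sections(data: bytes) -> list:
    """Return (name, VirtualSize, SizeOfRawData, PointerToRawData) per section."""
    if data[:2] != b"MZ":
        raise ValueError("not an MZ executable")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    # COFF header: Machine, NumberOfSections, TimeDateStamp, PointerToSymbolTable,
    # NumberOfSymbols, SizeOfOptionalHeader, Characteristics
    _, nsections, _, _, _, opt_size, _ = struct.unpack_from("<HHIIIHH", data, e_lfanew + 4)
    table = e_lfanew + 4 + 20 + opt_size
    sections = []
    for i in range(nsections):
        name, vsize, _vaddr, rawsize, rawptr, *_ = struct.unpack_from(
            "<8sIIIIIIHHI", data, table + i * 40)
        sections.append((name.rstrip(b"\0").decode("ascii", "replace"), vsize, rawsize, rawptr))
    return sections


def upx_indicators(data: bytes) -> dict:
    """Three independent traits of UPX-style packing."""
    sections = pe_sections(data)
    return {
        # Stock UPX names its sections UPX0/UPX1 (and often keeps .rsrc).
        "upx_section_names": any(s[0].upper().startswith("UPX") for s in sections),
        # The first section is the unpack destination: reserved in memory, empty on disk.
        "first_section_no_raw_data": bool(sections) and sections[0][2] == 0 and sections[0][1] > 0,
        # UPX writes its 'UPX!' magic into its own header right after the PE headers.
        "upx_magic_in_header": b"UPX!" in data[:0x1000],
    }


def looks_upx_packed(data: bytes) -> bool:
    """Example threshold: two of three indicators. Renamed sections alone do not hide the
    structural traits; a stripped magic alone does not either."""
    return sum(upx_indicators(data).values()) >= 2


# --- constructed test images (not real malware) -------------------------------

def build_pe(sections: list, tail: bytes = b"") -> bytes:
    """Assemble a header-only PE32 image: DOS stub, PE sig, COFF, optional header, sections."""
    dos = b"MZ" + b"\0" * 58 + struct.pack("<I", 0x40)          # e_lfanew = 0x40
    coff = struct.pack("<HHIIIHH", 0x14C, len(sections), 0, 0, 0, 0xE0, 0x102)
    opt = struct.pack("<H", 0x10B) + b"\0" * (0xE0 - 2)          # PE32 magic, rest zeroed
    hdrs = b"".join(
        struct.pack("<8sIIIIIIHHI", name.ljust(8, b"\0"), vsize, vaddr, rawsize, rawptr,
                    0, 0, 0, 0, 0xE0000060)
        for name, vsize, vaddr, rawsize, rawptr in sections)
    return dos + b"PE\0\0" + coff + opt + hdrs + tail


# Section tuples: (name, VirtualSize, VirtualAddress, SizeOfRawData, PointerToRawData)
UPX_LIKE_PE = build_pe(
    [(b"UPX0", 0x20000, 0x1000, 0, 0x400),
     (b"UPX1", 0x12000, 0x21000, 0x12000, 0x400),
     (b".rsrc", 0x1000, 0x33000, 0x800, 0x12800)],
    tail=b"UPX!" + b"\0" * 28)

PLAIN_PE = build_pe(
    [(b".text", 0x5000, 0x1000, 0x5000, 0x400),
     (b".data", 0x1000, 0x6000, 0x600, 0x5400),
     (b".rsrc", 0x800, 0x7000, 0x800, 0x5A00)],
    tail=b"\0" * 32)


if __name__ == "__main__":
    for label, image in (("upx-like", UPX_LIKE_PE), ("plain", PLAIN_PE)):
        print(label, upx_indicators(image), "->", looks_upx_packed(image))
```

Against a real file, read it with `open(path, "rb").read()` and pass the bytes to `upx_indicators`; the per-indicator dict is more useful than the boolean when triaging a modified packer, because it shows which traits were left intact.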

MITRE ATT&CK Matrix

Tasks