General

  • Target

    61d50e263389fd156d9152230bda8f684fac503d07473ba025d12856139c4fcb

  • Size

    84KB

  • Sample

    240620-2mb37avdnn

  • MD5

    691982066e9582b22ac19cbe2da84e13

  • SHA1

    49da94839ea8a7e62b2e897863096b5b9c35be7a

  • SHA256

    61d50e263389fd156d9152230bda8f684fac503d07473ba025d12856139c4fcb

  • SHA512

    866fcb2f899374d2ed94b572d420781bcf2ee1df9224e084100a9456c677585bc89f657abbf1d59f7ddc26f329a7642ff4bbcdbed201bb911f405e79eaaedc9f

  • SSDEEP

    1536:zvQBeOGtrYS3srx93UBWfwC6Ggnouy8iT4+C2HVM1p6TQpCiho:zhOmTsF93UYfwC6GIoutiTU2HVS64ho

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • UPX dump on OEP (original entry point)

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
