General

  • Target

    758ea3c8bf7e0b8445633dd4a2af823e568e6b226f5a062bf285263b86d554d5

  • Size

    78KB

  • Sample

    240620-3nxa7aserc

  • MD5

    c15a80603f2c688f4e7d9f596d3bf5ee

  • SHA1

    9be3bbc626ca6a482c9c60bbf6bf9d73810e2619

  • SHA256

    758ea3c8bf7e0b8445633dd4a2af823e568e6b226f5a062bf285263b86d554d5

  • SHA512

    5ff66b89ac7443afe4116269724f0e64d31d15197532a7492dbe380f90afa98a3a42baa4fc8cf06b637585bd11f9ec03803561d89c4c096a65aa76e14186c238

  • SSDEEP

    1536:9Q8hoOAesfYvcyjfS3H9yl8Q1pmdBcxedLxNDo73tgygQwKjiawEmBgRD:ymb3NkkiQ3mdBjFo73thgQ/wEkMD

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • UPX dump on OEP (original entry point)

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX or a modified version of the open-source UPX packer.
