General

  • Target

    78fa9a76471db8db2df48f277ef3ae63777f7b4ae30d18c362cf853879c033cf

  • Size

    212KB

  • Sample

    240620-3xqj1axbqp

  • MD5

    e3f67ca5a20b7381c8c28223da7ff87f

  • SHA1

    7478461c29101c89d35a5ebc83465b288801821a

  • SHA256

    78fa9a76471db8db2df48f277ef3ae63777f7b4ae30d18c362cf853879c033cf

  • SHA512

    06e333c46a0b544867dee6ba1849929b1935cf569941041e867c9ea4daba0fed0afe940e2cd1786d659b29853deede060ee3de4b8027bf7c6cbefe8aad1de4c7

  • SSDEEP

    6144:Hcm4FmowdHoSrXZf8l/ubPzYNLPf4t+lK:V4wFHoSBK/ubLcfE

Malware Config

Targets

    • Target

      78fa9a76471db8db2df48f277ef3ae63777f7b4ae30d18c362cf853879c033cf

    • Size

      212KB

    • MD5

      e3f67ca5a20b7381c8c28223da7ff87f

    • SHA1

      7478461c29101c89d35a5ebc83465b288801821a

    • SHA256

      78fa9a76471db8db2df48f277ef3ae63777f7b4ae30d18c362cf853879c033cf

    • SHA512

      06e333c46a0b544867dee6ba1849929b1935cf569941041e867c9ea4daba0fed0afe940e2cd1786d659b29853deede060ee3de4b8027bf7c6cbefe8aad1de4c7

    • SSDEEP

      6144:Hcm4FmowdHoSrXZf8l/ubPzYNLPf4t+lK:V4wFHoSBK/ubLcfE

    • Blackmoon, KrBanker

      Blackmoon also known as KrBanker is banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • UPX dump on OEP (original entry point)

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Matrix

Tasks