General

  • Target

    030baba21452a98362cebc7754633d680449847d1b31e633f9443e8de82b0baf

  • Size

    73KB

  • Sample

    240620-ww794a1cqh

  • MD5

    11ada29f74e0ecfeed7886e3065bf914

  • SHA1

    9dea391f932da6115983ddbe08b6e2ce2f86113e

  • SHA256

    030baba21452a98362cebc7754633d680449847d1b31e633f9443e8de82b0baf

  • SHA512

    1e030d012efe0603b7808a26c19ee4ffce7c25fc637ec27e0286ad39b002a71171d0f1b726f6fb1c01977fc5f8c4676d7106ed2dc94d832762c1ccc56dbcef93

  • SSDEEP

    1536:9Q8hoOAesfYvcyjfS3H9yl8Q1pmdBcxedLxNDIfv7+afCD+QsQbKQPEF:ymb3NkkiQ3mdBjFIfvTfCD+HlQcF

Targets

    • Target

      030baba21452a98362cebc7754633d680449847d1b31e633f9443e8de82b0baf

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • UPX dump on OEP (original entry point)

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
