General

  • Target

    16d731fc0420438e199c8fcb4ad3cba7c4a99c723a25d90085d541833b4320a9

  • Size

    259KB

  • Sample

    240620-yejaraydjp

  • MD5

    8602ead99e52a0860b1f635c28854a76

  • SHA1

    fed0baadc7f624c66169e7cfaf87a9d93534e99f

  • SHA256

    16d731fc0420438e199c8fcb4ad3cba7c4a99c723a25d90085d541833b4320a9

  • SHA512

    b26f0a5f3d857b9189f2687fe42c992c0bbb9b0c4a5a26490cd5c27410a29adeec1272f10f48e196f6269c49809d36c6a47387d83dbabf0f6f9cec5d5bc374e8

  • SSDEEP

    6144:n3C9BRo7tvnJ9Fywhk/T4i37K3BoKg0qN:n3C9ytvn8whkb4i3e3GF/N

Malware Config

Targets

    • Target

      16d731fc0420438e199c8fcb4ad3cba7c4a99c723a25d90085d541833b4320a9

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • UPX dump on OEP (original entry point)

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified version of it.

MITRE ATT&CK Matrix

Tasks