General

  • Target

    22b390350695d8488a8667063ae7fb4f2ffa96d1a6f76ab8bfeabcda57ebca7b

  • Size

    58KB

  • Sample

    240620-yxsl5szcrj

  • MD5

    2ce6c37ff89a8a5b41e7bb18007bfb7a

  • SHA1

    611edd6bb976cb304ceb0b0c0ea94724f4db1c00

  • SHA256

    22b390350695d8488a8667063ae7fb4f2ffa96d1a6f76ab8bfeabcda57ebca7b

  • SHA512

    459fca675740f304c878801031640e96cc2aec13d300db1fc0249ad478394e798df6a7b3fdf2cd96623d74b0506c032c6ed2b5f4aa91f0990aad3cad8decbcb5

  • SSDEEP

    1536:9Q8hoOAesfYvcyjfS3H9yl8Q1pmdBcxedLxNDIfEKO:ymb3NkkiQ3mdBjFIA

Targets

    • Target

      22b390350695d8488a8667063ae7fb4f2ffa96d1a6f76ab8bfeabcda57ebca7b

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • UPX dump on OEP (original entry point)

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with the UPX open-source packer or a modified version of it.
