General

  • Target

    3c531f42df1a3ab2ea8a46cd07ec4bfe5110faeac999d936414d3dc5cffd3453

  • Size

    190KB

  • Sample

    240620-z48glsxdra

  • MD5

    5bde3d1d476fe08f81d7efa875e5290c

  • SHA1

    4b975d47c9a463c74e2b172f8f3337aeebf0dab2

  • SHA256

    3c531f42df1a3ab2ea8a46cd07ec4bfe5110faeac999d936414d3dc5cffd3453

  • SHA512

    8ab470ea4525df9178744022f523b1d4dfc64d9163d3ab25d29e6da2307cced8cfb4db5eb243cf6b07a072d34439a85e4c89d57875fc35c446e94a61f683c3f6

  • SSDEEP

    3072:YhOmTsF93UYfwC6GIoutLmxHxae5yLpcgDE4JBuItR8pTsgnKbQFe3+Y:Ycm4FmowdHoSLEaTBftapTsyFeOY

Score
10/10

Targets

    • Target

      3c531f42df1a3ab2ea8a46cd07ec4bfe5110faeac999d936414d3dc5cffd3453

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • UPX dump on OEP (original entry point)

    • Executes dropped EXE
