General

  • Target

    2f535056cc5c772fbc7542c5df0963274c763320998df09e33ae4cea05630307

  • Size

    128KB

  • Sample

    240620-zjptrs1bmq

  • MD5

    c1c9b688bfef356aa7e58725b7d08089

  • SHA1

    2b5953caecd813866addd4b5ac0459e8126acc9b

  • SHA256

    2f535056cc5c772fbc7542c5df0963274c763320998df09e33ae4cea05630307

  • SHA512

    7f3c4595c74adc7aba3d32151157aeac48cb7132afd77322c157c68556a2fdb5792757a83029e80b163e96bdeb0508e5ea1f8ef53856424ebc3ee5390656e5f5

  • SSDEEP

    3072:ymb3NkkiQ3mdBjFWXkj7afodnmm9Ao98h3dktX4/Jd:n3C9BRW0j/tmm9nwytI/

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
