General

  • Target

    5ba891dca4e823b613d8883f51aff96ba855f7520a90486ac7a84aeed5871b55

  • Size

    377KB

  • Sample

    240621-1tm9cssdpd

  • MD5

    1104a7873798374ca1f17c4b98870924

  • SHA1

    83c656e265b3ffc3de391306935c0620b6028d17

  • SHA256

    5ba891dca4e823b613d8883f51aff96ba855f7520a90486ac7a84aeed5871b55

  • SHA512

    cfe23eb6a533822e23d3c190267b3a1744e3011c97ab7f3c2a9ca9f1edc1290301392b94f1d56d873503f874cfc21bfc83a7db41aa2995f89e0e7b0ed8fa0cc4

  • SSDEEP

    6144:Ocm4FmowdHoSsm4FIc1/cm4FmowdHoSsiNlcJcmHYC9/jvvfwL+TLPfSRcm4FVoQ:w4wFHoSl4h4wFHoS24yTgL+zfu4/FHoY

Malware Config

Targets

    • Target

      5ba891dca4e823b613d8883f51aff96ba855f7520a90486ac7a84aeed5871b55

    • Size

      377KB

    • MD5

      1104a7873798374ca1f17c4b98870924

    • SHA1

      83c656e265b3ffc3de391306935c0620b6028d17

    • SHA256

      5ba891dca4e823b613d8883f51aff96ba855f7520a90486ac7a84aeed5871b55

    • SHA512

      cfe23eb6a533822e23d3c190267b3a1744e3011c97ab7f3c2a9ca9f1edc1290301392b94f1d56d873503f874cfc21bfc83a7db41aa2995f89e0e7b0ed8fa0cc4

    • SSDEEP

      6144:Ocm4FmowdHoSsm4FIc1/cm4FmowdHoSsiNlcJcmHYC9/jvvfwL+TLPfSRcm4FVoQ:w4wFHoSl4h4wFHoS24yTgL+zfu4/FHoY

    • Blackmoon, KrBanker

      Blackmoon also known as KrBanker is banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • UPX dump on OEP (original entry point)

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Matrix

Tasks