General

  • Target

    7e3488f8d901e22a7bd9293e1911ab76b1a30147145417018cc73bcda189254c

  • Size

    90KB

  • Sample

    240621-aek8catakg

  • MD5

    d0ceea5a39123c0688b761028f431efa

  • SHA1

    15df413ef233af7387b98850c464ed3d3e3761f0

  • SHA256

    7e3488f8d901e22a7bd9293e1911ab76b1a30147145417018cc73bcda189254c

  • SHA512

    db37a6251a8bee6a78fb2af56ff41332154fe351d47074a5ed02920ef0c82c0cdbb7b14362ce7f2686a089b6a9a5f3b71300ced6a627fa09d04180c0315e40e6

  • SSDEEP

    1536:9Q8hoOAesfYvcyjfS3H9yl8Q1pmdBcxedLxNDoLU1grORPfr0k890CS7:ymb3NkkiQ3mdBjFoLk8Pk890CW

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • UPX dump on OEP (original entry point)

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with the open-source UPX packer or with a modified UPX build.
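
As an added example (not part of the sandbox report and not the sandbox's own detection logic), the Python script below shows the two triage steps this report implies: confirming that a file on disk is the sample listed under General by recomputing its MD5, SHA1, SHA256 and SHA512, and flagging UPX packing the way the "UPX packed file" signature describes, by section name, by the "UPX!" marker, and by a structural heuristic (an empty first section followed by a high-entropy second one) that still fires when a modified UPX has renamed the sections. The PE image it builds in memory is a constructed fixture, not the reported sample, and `build_fixture`, `parse_sections`, `detect_upx`, `is_upx_packed` and `file_hashes` are names chosen here. SSDEEP is left out because it needs a third-party library.

```python
import hashlib
import math
import struct


def file_hashes(data: bytes) -> dict:
    """Recompute the hashes a sandbox report lists, to confirm sample identity."""
    return {
        "md5": hashlib.md5(data).hexdigest(),
        "sha1": hashlib.sha1(data).hexdigest(),
        "sha256": hashlib.sha256(data).hexdigest(),
        "sha512": hashlib.sha512(data).hexdigest(),
    }


def shannon_entropy(buf: bytes) -> float:
    """Bits per byte; compressed or encrypted data sits close to 8.0."""
    if not buf:
        return 0.0
    counts = [0] * 256
    for b in buf:
        counts[b] += 1
    n = len(buf)
    return -sum(c / n * math.log2(c / n) for c in counts if c)


def parse_sections(data: bytes) -> list:
    """Minimal PE section-table parser (enough for packer heuristics)."""
    if data[:2] != b"MZ":
        raise ValueError("not a DOS/PE image")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    nsec = struct.unpack_from("<H", data, e_lfanew + 6)[0]           # COFF NumberOfSections
    opt_size = struct.unpack_from("<H", data, e_lfanew + 20)[0]      # COFF SizeOfOptionalHeader
    table = e_lfanew + 24 + opt_size                                 # first IMAGE_SECTION_HEADER
    if table + 40 * nsec > len(data):
        raise ValueError("section table runs past end of file")
    secs = []
    for i in range(nsec):
        name, vsize, va, rsize, rptr = struct.unpack_from("<8sIIII", data, table + 40 * i)
        secs.append({"name": name.rstrip(b"\0").decode("ascii", "replace"),
                     "virt_size": vsize, "va": va, "raw_size": rsize, "raw_ptr": rptr})
    return secs


def detect_upx(data: bytes) -> list:
    """Return the reasons a file looks UPX-packed (empty list if none)."""
    secs = parse_sections(data)
    reasons = []
    names = [s["name"] for s in secs]
    if any(n.startswith("UPX") for n in names):          # stock UPX: UPX0/UPX1/UPX2
        reasons.append("UPX section names: " + ", ".join(names))
    if b"UPX!" in data:                                   # stock UPX leaves its l_info magic
        reasons.append("'UPX!' marker present")
    # Modified UPX builds rename sections and may strip the marker, but the layout
    # stays: the first section is all VirtualSize and no raw bytes (the unpack target),
    # and the next section holds the compressed payload at near-maximal entropy.
    if len(secs) >= 2 and secs[0]["raw_size"] == 0 and secs[0]["virt_size"] > 0:
        s1 = secs[1]
        ent = shannon_entropy(data[s1["raw_ptr"]:s1["raw_ptr"] + s1["raw_size"]])
        if ent > 7.0:
            reasons.append(f"empty first section + high-entropy second section ({ent:.2f} bits/byte)")
    return reasons


def is_upx_packed(data: bytes) -> bool:
    return bool(detect_upx(data))


def build_fixture(section_names, packed=True, marker=True) -> bytes:
    """Constructed PE32 fixture for the demo (NOT the reported sample): DOS stub,
    COFF header, empty optional header, section table, optional 'UPX!' marker, data."""
    e_lfanew, opt_size, nsec = 0x80, 0xE0, len(section_names)
    hdr = bytearray(e_lfanew)
    hdr[:2] = b"MZ"
    struct.pack_into("<I", hdr, 0x3C, e_lfanew)
    hdr += b"PE\0\0" + struct.pack("<HHIIIHH", 0x14C, nsec, 0, 0, 0, opt_size, 0x0102)
    opt = bytearray(opt_size)
    struct.pack_into("<H", opt, 0, 0x10B)                  # PE32 magic
    hdr += opt
    table_end = len(hdr) + 40 * nsec
    raw_ptr = (table_end + 0x3FF) & ~0x3FF                 # raw data on a 1 KiB boundary
    filler = bytes(range(256)) * 4 if packed else b"A" * 1024   # 8.0 vs 0.0 bits/byte
    table, body, va = b"", b"", 0x1000
    for i, name in enumerate(section_names):
        data = b"" if (i == 0 and packed) else filler
        vsize = 0x10000 if (i == 0 and packed) else len(data)
        table += struct.pack("<8sIIIIIIHHI", name.ljust(8, b"\0"), vsize, va, len(data),
                             raw_ptr + len(body) if data else 0, 0, 0, 0, 0, 0x60000020)
        body += data
        va += 0x10000
    pad = bytearray(raw_ptr - table_end)
    if marker:
        pad[:4] = b"UPX!"                                  # header padding, as stock UPX uses
    return bytes(hdr) + table + bytes(pad) + body


if __name__ == "__main__":
    for label, img in [("stock UPX", build_fixture([b"UPX0", b"UPX1"])),
                       ("renamed UPX", build_fixture([b".zzz", b".yyy"], marker=False)),
                       ("plain PE", build_fixture([b".text", b".data"], packed=False, marker=False))]:
        print(label, file_hashes(img)["sha256"][:16], detect_upx(img) or "no UPX indicators")
```

Run it on a real file with `detect_upx(open(path, "rb").read())`; compare `file_hashes(...)` against the values in General before spending any time on the analysis, since a mismatched hash means you are not looking at the reported sample. The entropy heuristic is deliberately a hint, not a verdict: any packer that reserves an empty first section will trip it, so treat it as a prompt to dump at OEP, as the "UPX dump on OEP" signature does, rather than as proof of UPX.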
