General

  • Target

    88a1097eb9fbb466090c5eb7609ad9f4dd257c2aee787e895c137a9392fb8871

  • Size

    522KB

  • Sample

    240621-avzexatdjc

  • MD5

    6d1ba6af251b9bccff8a0d7c9d4433ab

  • SHA1

    e5e39ddff43bb3b625310aa87f56b773f55e3a0a

  • SHA256

    88a1097eb9fbb466090c5eb7609ad9f4dd257c2aee787e895c137a9392fb8871

  • SHA512

    b9c4f7b61651651a98d8eddc98b1af7768c2c051595fa0746319d62f5f7e84c125e8561138b13249bcd176f34f4e88d53764857bffa87daf8ed769af1193b47c

  • SSDEEP

    6144:8cm7ImGddXmNt251UriZFwfsDX2CfNnkymTwaJ3o89H3x+Q:q7Tc2NYHUrAwfMHNnpls4894Q

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • UPX dump on OEP (original entry point)

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
