General

  • Target

    0b7d062ec5bed58f12cb523f2789d13dbdbf1a66176eef1320c5a612d347433d

  • Size

    72KB

  • Sample

    240621-w8kdsszakh

  • MD5

    1a5e717d00b761e24bb5d88cbd22d5e0

  • SHA1

    fb999fd49e5806a186427c587055b100377d35c0

  • SHA256

    0b7d062ec5bed58f12cb523f2789d13dbdbf1a66176eef1320c5a612d347433d

  • SHA512

    09881e4f4c24ba4c3c450dfc7582a5ab35a64773d4fdfd298f3ed0f6559bcea81e91f84797f4959a50e3b7d0066fdb9e8445c199dd74396cfbbef41850b0468d

  • SSDEEP

    1536:NvQBeOGtrYS3srx93UBWfwC6Ggnouy8KlAXmAXIBG/+WIFuTKLXvCB5yAXNlIQkK:NhOmTsF93UYfwC6GIoutOP/WWGKL/SYQ

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • UPX dump on OEP (original entry point)

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with the UPX open-source packer or a modified version of it.
