General

  • Target

    0c6ac4cef5d7f1323b9381bb0f4d7199a46ff58cb24fa93cfe8116289a1d1d07

  • Size

    97KB

  • Sample

    240621-w9qxzazama

  • MD5

    6b23142fd41d273e8997339149e93dcc

  • SHA1

    fe2a8a5c15d0c8d0331f6eead468dd68240324aa

  • SHA256

    0c6ac4cef5d7f1323b9381bb0f4d7199a46ff58cb24fa93cfe8116289a1d1d07

  • SHA512

    49afb6d7412d0594828350eaa65669d19cfce3ce4454da11f827a010e71d90a4f75efc9ae3bcdaacecaa62f85705c36566b44ed9a4698acdd8624cbf94619a01

  • SSDEEP

    1536:9Q8hoOAesfYvcyjfS3H9yl8Q1pmdBcxedLxNDIS7/b9EUeWpEC3alBlwtn8BLnnR:ymb3NkkiQ3mdBjFIi/REUZnKlbnvJ

Targets

    • Target

      0c6ac4cef5d7f1323b9381bb0f4d7199a46ff58cb24fa93cfe8116289a1d1d07

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • UPX dump on OEP (original entry point)

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
