General

  • Target

    34a06b4aaf2c1b310cadfc4b3d86f62cc2ee575b063d0038249bfff4f37bc387

  • Size

    58KB

  • Sample

    240621-y3g3lavemk

  • MD5

    0de1121bd0a72834ac410bfdf270c80f

  • SHA1

    13ac22df8b666d66568717c32a58c8040fa892d5

  • SHA256

    34a06b4aaf2c1b310cadfc4b3d86f62cc2ee575b063d0038249bfff4f37bc387

  • SHA512

    f9fc35ebb5a33452eab62c241692f652437b1b0c10f30c3da5e75155ce165fd41bb1808c85af4f6d9aa3709b5e6e6e06b1cc5a4e1c7ef12975bb7566e5ca0732

  • SSDEEP

    1536:9Q8hoOAesfYvcyjfS3H9yl8Q1pmdBcxedLxND0chVV5:ymb3NkkiQ3mdBjF0crV5

Malware Config

Targets

    • Target

      34a06b4aaf2c1b310cadfc4b3d86f62cc2ee575b063d0038249bfff4f37bc387

    • Size

      58KB

    • MD5

      0de1121bd0a72834ac410bfdf270c80f

    • SHA1

      13ac22df8b666d66568717c32a58c8040fa892d5

    • SHA256

      34a06b4aaf2c1b310cadfc4b3d86f62cc2ee575b063d0038249bfff4f37bc387

    • SHA512

      f9fc35ebb5a33452eab62c241692f652437b1b0c10f30c3da5e75155ce165fd41bb1808c85af4f6d9aa3709b5e6e6e06b1cc5a4e1c7ef12975bb7566e5ca0732

    • SSDEEP

      1536:9Q8hoOAesfYvcyjfS3H9yl8Q1pmdBcxedLxND0chVV5:ymb3NkkiQ3mdBjF0crV5

    • Blackmoon, KrBanker

      Blackmoon also known as KrBanker is banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • UPX dump on OEP (original entry point)

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Matrix

Tasks