General

  • Target

    3795a8c3616dc2c30ebdda9bbfcaca4c229b727b5a4900031aa10a15515449be

  • Size

    58KB

  • Sample

    240621-y7kz2s1crf

  • MD5

    a21d910cc5d872462ee7827c0dab349a

  • SHA1

    df88ee31784505cf2faf1d1ee5b38f0bdafe01b7

  • SHA256

    3795a8c3616dc2c30ebdda9bbfcaca4c229b727b5a4900031aa10a15515449be

  • SHA512

    4deec7e42d6b9cc9e70cb94055d1aae09c94a16c7a671ae7c20367c2881e3a065d18ca685001746cf17f3d4a08f152566de53d01fd9c9fe9cb802aae3b065c4f

  • SSDEEP

    1536:9Q8hoOAesfYvcyjfS3H9yl8Q1pmdBcxedLxNDIfEKt:ymb3NkkiQ3mdBjFIr

Targets

    • Target

      3795a8c3616dc2c30ebdda9bbfcaca4c229b727b5a4900031aa10a15515449be

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • UPX dump on OEP (original entry point)

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with the UPX or a modified UPX open-source packer.
