General

  • Target

    d504078f4a11a08c275ac2a9f3a946f70d64fb675d2e8ac2c689005c1d5d6613

  • Size

    79KB

  • Sample

    240628-dlzabs1apk

  • MD5

    781302e1075e9d00bf290be83c96f919

  • SHA1

    a4f44e11d7491439672aad3cc1c6cd3d25ac9563

  • SHA256

    d504078f4a11a08c275ac2a9f3a946f70d64fb675d2e8ac2c689005c1d5d6613

  • SHA512

    c06f8b4c2307be2b458be682fc221aeeca79cbf8061cf14b64e5dcbf3b008b1f4b3e1ddda2a07a55bcb7698423be52f700b132aa4a7ecb8272e86e1e8e3ee446

  • SSDEEP

    1536:9Q8hoOAesfYvcyjfS3H9yl8Q1pmdBcxedLxNDIIpIo60L9QrrA8v:ymb3NkkiQ3mdBjFIIp9L9QrrA8v

Malware Config

Targets

    • Target

      d504078f4a11a08c275ac2a9f3a946f70d64fb675d2e8ac2c689005c1d5d6613

    • Size

      79KB

    • MD5

      781302e1075e9d00bf290be83c96f919

    • SHA1

      a4f44e11d7491439672aad3cc1c6cd3d25ac9563

    • SHA256

      d504078f4a11a08c275ac2a9f3a946f70d64fb675d2e8ac2c689005c1d5d6613

    • SHA512

      c06f8b4c2307be2b458be682fc221aeeca79cbf8061cf14b64e5dcbf3b008b1f4b3e1ddda2a07a55bcb7698423be52f700b132aa4a7ecb8272e86e1e8e3ee446

    • SSDEEP

      1536:9Q8hoOAesfYvcyjfS3H9yl8Q1pmdBcxedLxNDIIpIo60L9QrrA8v:ymb3NkkiQ3mdBjFIIp9L9QrrA8v

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • UPX dump on OEP (original entry point)

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with the UPX open-source packer or a modified build of it.
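
The two UPX signatures above are matched by the sandbox's own rules, which this report does not show. As an added example that is not part of the report or of the sandbox, the following Python script (standard library only) reproduces the core of such a check: it parses the PE section table and flags the stock UPX section names, the "UPX!" packheader marker, and the on-disk layout that survives when a modified UPX build renames its sections (an empty first section holding the unpacked image at runtime, with the entry point in a later section). The `build_pe` helper and the images it produces are constructed test inputs, not the sample in this report.

```python
import struct
import sys

SECTION_HDR_SIZE = 40


def parse_pe(data: bytes) -> dict:
    """Decode the entry-point RVA and section table of a PE32/PE32+ image.

    Only the fields the packer heuristics need are read; malformed input
    raises ValueError so callers can treat the file as 'not a PE'.
    """
    if len(data) < 0x40 or data[:2] != b"MZ":
        raise ValueError("not an MZ executable")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("PE signature not found")
    coff = e_lfanew + 4
    num_sections = struct.unpack_from("<H", data, coff + 2)[0]
    size_opt = struct.unpack_from("<H", data, coff + 16)[0]
    opt = coff + 20
    entry_rva = struct.unpack_from("<I", data, opt + 16)[0]  # same offset in PE32 and PE32+
    sections = []
    for i in range(num_sections):
        off = opt + size_opt + i * SECTION_HDR_SIZE
        name, vsize, va, rawsize = struct.unpack_from("<8sIII", data, off)
        sections.append({"name": name.rstrip(b"\0"), "vsize": vsize, "va": va, "rawsize": rawsize})
    if not sections:
        raise ValueError("section table is empty")
    return {"entry_rva": entry_rva, "sections": sections}


def upx_indicators(data: bytes) -> dict:
    """Collect UPX indicators and a verdict for one file image."""
    try:
        pe = parse_pe(data)
    except (ValueError, struct.error):
        return {"is_pe": False, "verdict": "not_pe"}
    secs = pe["sections"]
    first = secs[0]
    entry = pe["entry_rva"]

    def holds(sec, rva):
        return sec["va"] <= rva < sec["va"] + max(sec["vsize"], sec["rawsize"])

    entry_sec = next((s for s in secs if holds(s, entry)), None)
    ind = {
        "is_pe": True,
        # Stock UPX names its sections UPX0/UPX1/UPX2.
        "upx_section_names": any(s["name"].upper().startswith(b"UPX") for s in secs),
        # The "UPX!" packheader magic; weak on its own, stronger together with the layout.
        "upx_magic": b"UPX!" in data,
        # UPX0 receives the unpacked image at runtime and holds no bytes on disk,
        # while the entry point (the unpacking stub) sits in a later section.
        # A renamed-section ("modified UPX") build keeps this shape.
        "empty_first_section": first["rawsize"] == 0 and first["vsize"] > 0,
        "entry_outside_first_section": entry_sec is not None and entry_sec is not first,
    }
    if ind["upx_section_names"]:
        ind["verdict"] = "upx"
    elif ind["upx_magic"] or (ind["empty_first_section"] and ind["entry_outside_first_section"]):
        ind["verdict"] = "probable_modified_upx"
    else:
        ind["verdict"] = "unpacked"
    return ind


def build_pe(sections, entry_rva: int, trailer: bytes = b"") -> bytes:
    """Assemble a minimal PE32 file for testing (constructed input, not a real binary).

    sections: list of (name, virtual_address, virtual_size, size_of_raw_data).
    """
    e_lfanew, opt_size = 0x40, 0xE0
    dos = b"MZ" + b"\0" * (0x3C - 2) + struct.pack("<I", e_lfanew)
    coff = struct.pack("<HHIIIHH", 0x14C, len(sections), 0, 0, 0, opt_size, 0x102)
    opt = bytearray(opt_size)
    struct.pack_into("<H", opt, 0, 0x10B)        # PE32 magic
    struct.pack_into("<I", opt, 16, entry_rva)   # AddressOfEntryPoint
    hdr_end = e_lfanew + 4 + 20 + opt_size + len(sections) * SECTION_HDR_SIZE
    raw_ptr = (hdr_end + 0x1FF) & ~0x1FF         # first raw section on a 0x200 boundary
    table, bodies = b"", b""
    for name, va, vsize, rawsize in sections:
        table += struct.pack("<8sIIIIIIHHI", name.ljust(8, b"\0"), vsize, va, rawsize,
                             raw_ptr if rawsize else 0, 0, 0, 0, 0, 0x60000020)
        bodies += b"\x90" * rawsize
        raw_ptr += rawsize
    img = dos + b"PE\0\0" + coff + bytes(opt) + table
    return img + b"\0" * (((hdr_end + 0x1FF) & ~0x1FF) - len(img)) + bodies + trailer


if __name__ == "__main__":
    for path in sys.argv[1:]:
        with open(path, "rb") as fh:
            print(path, upx_indicators(fh.read())["verdict"])
```

Run it as `python upx_check.py sample.bin` to get one verdict per file. The section-name and magic checks correspond to the "UPX packed file" signature; the layout check is what still fires on a build that has stripped both, which is why a sandbox reports "UPX/modified UPX" rather than relying on names alone. A verdict of `probable_modified_upx` is a cue to dump the process at the OEP rather than to try `upx -d`, which refuses renamed or altered stubs.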

MITRE ATT&CK Matrix

Tasks