General

  • Target

    74d4c9e75fc67095c98764c991cd4ed5e84832bde463e78f58461fe977f39c15

  • Size

    3.8MB

  • Sample

    240908-z7zzmsybrd

  • MD5

    34bd0a7303f1db727023c729c175cac1

  • SHA1

    5a3dd7d92cd16bc0081ce01912abbd9589f35579

  • SHA256

    74d4c9e75fc67095c98764c991cd4ed5e84832bde463e78f58461fe977f39c15

  • SHA512

    43fd5f83e94aa0d12b005d5f267319fe9c22e19b2f73df7b9453a78ddefbd9a316605e272508ad71a60caeb76f43298b6c46f6c34099c9345acacf3f838b29b8

  • SSDEEP

    98304:eqaYjCDyUYw8SCGi7Q8Vk+dCYlMPJZidk:eqaPZQZdl7k

Malware Config

Targets

    • Target

      影视APP无需登录注册秒播放.url

    • Size

      135B

    • MD5

      4181ef0f3cce1f228a992dea3845b274

    • SHA1

      1ceb7a8011f38e4de7425ed329ffbf4778e7dee2

    • SHA256

      6651682ddf901cba36affc2974197ddaa5fe0c4cf296f478e10d9f50502c9226

    • SHA512

      cbab0940da53fe1d94029fd8231cae787dea1ef3afba968b7f1c8280660c89c5b5ddf524de2bd4875a99fb8c28f6f7a95dbdc5a74d7a6c3014000d76dc514a19

    • Score

      1/10

    • Target

      曼陀罗0907/曼陀罗_A版.exe

    • Size

      1.1MB

    • MD5

      12ce86b7a4ffea6707dca6184250aaad

    • SHA1

      e752816ba1408c4b08c316c1f29d2d61959f8cd0

    • SHA256

      d083f2feeec0e2cb649c208e11435940c63bbeaf9caf6d35e1d1e70623e7ce12

    • SHA512

      fc3836b821bf8e756456fd1a4c9439bdec9b4899606bfc5d9497e92faa064b19eb64c2244e2279f416a80813b71138317a5cce62b2974455559b9b4bceaff2ce

    • SSDEEP

      24576:fg4Jfj1QoDFYqJ8BRXI2HtQ+6eAQVMNxx9q3/S2165XY7:fgUPDDKBR4YEEVMNxxoPS265

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Target

      曼陀罗0907/曼陀罗_B版.exe

    • Size

      1.3MB

    • MD5

      61e6b1f8b3af753c18ae66124f3c860f

    • SHA1

      8b54cf12a05dab56b04a2994570f0013c868e013

    • SHA256

      7a42af60ce54d3a7b8b1addb417c680babfe0cfa86218601506b346942fc6696

    • SHA512

      5ab7c0be0aaaa1412e93a0350ef6e09fbbdbce0e2386b1722ae6d6e3b1afadba59ebb9b88f5448efe2b4dd14aaeb104040f1e518d790c679097f879faca864ef

    • SSDEEP

      24576:pKSssWK/U+EM0LQKs+AoU64zo84xK4ozTtz3vCrkik/UOrl2jdQB5GsMQzwr9zKP:ESssWKc+EM0AoU64zoLBovturzk/U2li

    • Score

      7/10

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Target

      曼陀罗0907/曼陀罗_C版.exe

    • Size

      1.5MB

    • MD5

      d386ff9526f0f2ff7c9ccf7a85d1945e

    • SHA1

      23aae7b65fd22ca5f0d77e91669bd82452556893

    • SHA256

      edd0fd11091a8ca7ec551f67f8cec65d5fe05f0934065a601f618b4cd8f27118

    • SHA512

      9237a79d5ca403121c4e0cca1292ecd3ae6ab5b9b20225f2706b34b7f8696fd5069b17b86966752b4a6af840638e5fef9cbd0ce46ffac052b2b24dcb711119c7

    • SSDEEP

      24576:Rhu26oNksY4Le4hvV6UIbbA7aG0NQOSrf+o4jBNogQYZcaSTfyoecS3bjKniVsQu:0aksphghlGnrf+LcgQrXtC3b+niV7

    • Score

      7/10

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Target

      硬汉视频(白嫖永久VIP).url

    • Size

      140B

    • MD5

      30dec626f5ebf843ee35f6c932c4ce16

    • SHA1

      5bb729d5773d434a576ba5952d5034540d1fcef3

    • SHA256

      827a0d6caf428fc5977406ea847f3741af5c82a4a2d68a245c1e4c37fafbced5

    • SHA512

      04d619c379d22d0b483fc12e763b1cf1571f75549cb6efb26b2b9f9a02aa59f1f6cfdfd7431ff5b32ffcef2b9fb1b542db95d14933e0540db6fb73b52a5694c6

    • Score

      1/10

    • Target

      网址发布页.url

    • Size

      120B

    • MD5

      bce057d3d0d203756956cfa5d82dc106

    • SHA1

      dd2216da7728a6af7d52563f018e2f6cca050fc8

    • SHA256

      a5e59ff5165c67367bc12050a069884c6857599998038ea5014202bd9f4639a6

    • SHA512

      fdff03ca5d93034109d50ee724cfa4764939499c9c1236f1767d7e78753f6f57ced60568b1bf75e34443142eea4f7abb399b6f384b130f39f7c4f6eefafe784c

    • Score

      1/10

MITRE ATT&CK Enterprise v15

Tasks