General
-
Target
c987fb55599273ea6a9a1c213d9bcb431f32f4b645bdcc3c079f6f35005d00fa
-
Size
9.2MB
-
Sample
250401-vr8vdssxcy
-
MD5
d5c582bc6b5df6a26042b51e4a1a49b4
-
SHA1
df14de77934e91fe8b2d88366eb9cffa92e16f63
-
SHA256
c987fb55599273ea6a9a1c213d9bcb431f32f4b645bdcc3c079f6f35005d00fa
-
SHA512
3b8027314d0b4bfdae8313101caeaf54d53b8ecf255e9cacdb5a48c31b7e9a71831dc547dac8b0772c05bb4902df2116a7fa1283d08c4c61daac05e46e246916
-
SSDEEP
196608:qQkV+lOBzFnXiMDa1x36Ir7yhs2VFMbEXE6psFkVX0+2qTV2tLUkran:q/+E3SMDWx36gV2VOEXEbFkG+2yV2W2E
Malware Config
Targets
-
-
Target
c987fb55599273ea6a9a1c213d9bcb431f32f4b645bdcc3c079f6f35005d00fa
-
Size
9.2MB
-
MD5
d5c582bc6b5df6a26042b51e4a1a49b4
-
SHA1
df14de77934e91fe8b2d88366eb9cffa92e16f63
-
SHA256
c987fb55599273ea6a9a1c213d9bcb431f32f4b645bdcc3c079f6f35005d00fa
-
SHA512
3b8027314d0b4bfdae8313101caeaf54d53b8ecf255e9cacdb5a48c31b7e9a71831dc547dac8b0772c05bb4902df2116a7fa1283d08c4c61daac05e46e246916
-
SSDEEP
196608:qQkV+lOBzFnXiMDa1x36Ir7yhs2VFMbEXE6psFkVX0+2qTV2tLUkran:q/+E3SMDWx36gV2VOEXEbFkG+2yV2W2E
Score10/10-
Blackmoon family
-
Blackmoon, KrBanker
Blackmoon also known as KrBanker is banking trojan first discovered in early 2014.
-
Detect Blackmoon payload
-
Adds policy Run key to start application
-
Executes dropped EXE
-
Loads dropped DLL
-