General

  • Target

    yunyu.dll

  • Size

    5.2MB

  • Sample

    250402-c1jbzssnx5

  • MD5

    35e70d317ab1ba60288330688c93b131

  • SHA1

    03c00ffbcd4ab8038ea1cf032291fc3e716a1a76

  • SHA256

    9211b7897def9171f9dbd169d46ba570af8af03a55bd55ef9fb872cc0ff3c6a1

  • SHA512

    74f03ac5f960cab040514d3daefa0c4466055e4d97e8238810442c84b2bac5584ffd88be6a7375b2e124b7d6041d732e6276b91245126714da8b23c5b66a29c3

  • SSDEEP

    98304:JsAld9NFt0paacMXCTZlrxDmAFWueTLNfaEON:JsAlBgaBMwZldFWT5faEa

Targets

    • Blackmoon family

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload
