blackmoon | 4624c0e76ce194e45fc9fe4cab32a2f977287ab764397858e0dfca26db4ad4d9 | Triage

Submit
Reports

Overview

overview

Static

static

4624c0e76c...d9.exe

windows7-x64

4624c0e76c...d9.exe

windows10-2004-x64

Sharing

General

Target

4624c0e76ce194e45fc9fe4cab32a2f977287ab764397858e0dfca26db4ad4d9
Size

13.4MB
Sample

240630-rtt78ssfnp
MD5

2051f6a5d6e69cef98c9ea589f9e7623
SHA1

668f866aa4f1c19305100a8d065e9e655bf6b2b2
SHA256

4624c0e76ce194e45fc9fe4cab32a2f977287ab764397858e0dfca26db4ad4d9
SHA512

d13158db3a66420cbf98fe8205afe513c141edb9daaafbff57feccd348f61ee8b53f912cab4d911e471e04e00d7242beb9a17e8d7bf86fb1c066ab17be2e6b3d
SSDEEP

393216:BGf48S7TF9GQYFPPO6HI/S70T6zhkyJL7dKnrS:2e7xKP3HIvStLZuS

Score

10^/10

blackmoon banker trojan upx

Static task

static1

4 signatures

Behavioral task

behavioral1

Sample

4624c0e76ce194e45fc9fe4cab32a2f977287ab764397858e0dfca26db4ad4d9.exe

Resource

win7-20240220-en

blackmoon banker trojan upx

windows7-x64

11 signatures

150 seconds

Behavioral task

behavioral2

Sample

4624c0e76ce194e45fc9fe4cab32a2f977287ab764397858e0dfca26db4ad4d9.exe

Resource

win10v2004-20240508-en

blackmoon banker trojan upx

windows10-2004-x64

9 signatures

150 seconds

Malware Config

Targets

- Target
  
  4624c0e76ce194e45fc9fe4cab32a2f977287ab764397858e0dfca26db4ad4d9
- Size
  
  13.4MB
- MD5
  
  2051f6a5d6e69cef98c9ea589f9e7623
- SHA1
  
  668f866aa4f1c19305100a8d065e9e655bf6b2b2
- SHA256
  
  4624c0e76ce194e45fc9fe4cab32a2f977287ab764397858e0dfca26db4ad4d9
- SHA512
  
  d13158db3a66420cbf98fe8205afe513c141edb9daaafbff57feccd348f61ee8b53f912cab4d911e471e04e00d7242beb9a17e8d7bf86fb1c066ab17be2e6b3d
- SSDEEP
  
  393216:BGf48S7TF9GQYFPPO6HI/S70T6zhkyJL7dKnrS:2e7xKP3HIvStLZuS
Score

10^/10

blackmoon banker trojan upx
- Blackmoon, KrBanker
  Blackmoon also known as KrBanker is banking trojan first discovered in early 2014.
  trojan banker blackmoon
- Detect Blackmoon payload
- ACProtect 1.3x - 1.4x DLL software
  Detects file using ACProtect software.
- Executes dropped EXE
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

blackmoonbankertrojanupx

behavioral2

blackmoonbankertrojanupx

© 2018-2024

Terms | Privacy