blackmoon | ac16337d2df40547b286a96bb551b214d2b9639ab2a5b35ff9a628eef5164b29 | Triage

Submit
Reports

Overview

overview

Static

static

ac16337d2d...29.exe

windows7-x64

ac16337d2d...29.exe

windows10-2004-x64

Sharing

General

Target

ac16337d2df40547b286a96bb551b214d2b9639ab2a5b35ff9a628eef5164b29
Size

13.4MB
Sample

240630-z8cwhawcja
MD5

60779ae85dc04847e6a279b889d4872b
SHA1

9cdf81226ae38244ad54e47b300a978aa518995b
SHA256

ac16337d2df40547b286a96bb551b214d2b9639ab2a5b35ff9a628eef5164b29
SHA512

06770d4f7163b409bedcf140a0891fb0810e649e9a14c49b8ccb0aa1ca433d2e70073535dbe924b8646aef3a07f518e16c095dfa91a67909462ed196033b9952
SSDEEP

393216:WwipoVrmtpg3SA4Fu+7pWxEKGV7cUMEQ4a9EZYnK2d:XiuuEErV7cUNQEGnK2d

Score

10^/10

blackmoon banker trojan upx

Static task

static1

4 signatures

Behavioral task

behavioral1

Sample

ac16337d2df40547b286a96bb551b214d2b9639ab2a5b35ff9a628eef5164b29.exe

Resource

win7-20240220-en

blackmoon banker trojan upx

windows7-x64

11 signatures

150 seconds

Behavioral task

behavioral2

Sample

ac16337d2df40547b286a96bb551b214d2b9639ab2a5b35ff9a628eef5164b29.exe

Resource

win10v2004-20240508-en

blackmoon banker trojan upx

windows10-2004-x64

9 signatures

150 seconds

Malware Config

Targets

- Target
  
  ac16337d2df40547b286a96bb551b214d2b9639ab2a5b35ff9a628eef5164b29
- Size
  
  13.4MB
- MD5
  
  60779ae85dc04847e6a279b889d4872b
- SHA1
  
  9cdf81226ae38244ad54e47b300a978aa518995b
- SHA256
  
  ac16337d2df40547b286a96bb551b214d2b9639ab2a5b35ff9a628eef5164b29
- SHA512
  
  06770d4f7163b409bedcf140a0891fb0810e649e9a14c49b8ccb0aa1ca433d2e70073535dbe924b8646aef3a07f518e16c095dfa91a67909462ed196033b9952
- SSDEEP
  
  393216:WwipoVrmtpg3SA4Fu+7pWxEKGV7cUMEQ4a9EZYnK2d:XiuuEErV7cUNQEGnK2d
Score

10^/10

blackmoon banker trojan upx
- Blackmoon, KrBanker
  Blackmoon also known as KrBanker is banking trojan first discovered in early 2014.
  trojan banker blackmoon
- Detect Blackmoon payload
- ACProtect 1.3x - 1.4x DLL software
  Detects file using ACProtect software.
- Executes dropped EXE
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

blackmoonbankertrojanupx

behavioral2

blackmoonbankertrojanupx

© 2018-2024

Terms | Privacy