blackmoon | a9a246b78e5b06ca797f0261b54410854b82d1ffd0cd451fcde3633f0f4253e8 | Triage

Submit
Reports

Overview

overview

Static

static

3

a9a246b78e...e8.exe

windows7-x64

a9a246b78e...e8.exe

windows10-2004-x64

Sharing

General

Target

a9a246b78e5b06ca797f0261b54410854b82d1ffd0cd451fcde3633f0f4253e8
Size

122KB
Sample

240701-bkehes1gmd
MD5

ed8543c977134e88872e274798c7c1a0
SHA1

2836b6166f5102ebf449f1302fc4394d1bfd86ce
SHA256

a9a246b78e5b06ca797f0261b54410854b82d1ffd0cd451fcde3633f0f4253e8
SHA512

737ddcfe26609fda48641acd6042416f2dd20d317b30d1e7c203bf1c6b36e630dfcfa9df28a7e64bfc8555c9470ea6e559a2f6a48a6331fb47ccb0ce8a41d131
SSDEEP

1536:9Q8hoOAesfYvcyjfS3H9yl8Q1pmdBcxedLxNDomRGApSuLAR2yPBCQ1nDFu1Q8sb:ymb3NkkiQ3mdBjFomR7UsyJC+n0Gsgci

Score

10^/10

blackmoon banker trojan upx

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

a9a246b78e5b06ca797f0261b54410854b82d1ffd0cd451fcde3633f0f4253e8.exe

Resource

win7-20240221-en

blackmoon banker trojan upx

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

a9a246b78e5b06ca797f0261b54410854b82d1ffd0cd451fcde3633f0f4253e8.exe

Resource

win10v2004-20240508-en

blackmoon banker trojan upx

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Targets

- Target
  
  a9a246b78e5b06ca797f0261b54410854b82d1ffd0cd451fcde3633f0f4253e8
- Size
  
  122KB
- MD5
  
  ed8543c977134e88872e274798c7c1a0
- SHA1
  
  2836b6166f5102ebf449f1302fc4394d1bfd86ce
- SHA256
  
  a9a246b78e5b06ca797f0261b54410854b82d1ffd0cd451fcde3633f0f4253e8
- SHA512
  
  737ddcfe26609fda48641acd6042416f2dd20d317b30d1e7c203bf1c6b36e630dfcfa9df28a7e64bfc8555c9470ea6e559a2f6a48a6331fb47ccb0ce8a41d131
- SSDEEP
  
  1536:9Q8hoOAesfYvcyjfS3H9yl8Q1pmdBcxedLxNDomRGApSuLAR2yPBCQ1nDFu1Q8sb:ymb3NkkiQ3mdBjFomR7UsyJC+n0Gsgci
Score

10^/10

blackmoon banker trojan upx
- Blackmoon, KrBanker
  Blackmoon also known as KrBanker is banking trojan first discovered in early 2014.
  trojan banker blackmoon
- Detect Blackmoon payload
- UPX dump on OEP (original entry point)
- Executes dropped EXE
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

blackmoonbankertrojanupx

behavioral2

blackmoonbankertrojanupx

© 2018-2024

Terms | Privacy