blackmoon | 7c3eec49636be68c0e86f1f3e087b405567b5473b8691c02e488955b659d56c7 | Triage

Submit
Reports

Overview

overview

Static

static

7c3eec4963...c7.exe

windows7-x64

7c3eec4963...c7.exe

windows10-2004-x64

Sharing

General

Target

7c3eec49636be68c0e86f1f3e087b405567b5473b8691c02e488955b659d56c7
Size

12.9MB
Sample

240701-dxdsrsvcpd
MD5

738cac618cfefcc8a132843ce369c2ab
SHA1

d8b9b7be05ac744327e8c06fffb68c89c5c50385
SHA256

7c3eec49636be68c0e86f1f3e087b405567b5473b8691c02e488955b659d56c7
SHA512

56c1094741670fee233a8d68300c57571030064e960811ceb6f7d337cdcab08a39e0b01ab4049a420dcfbcd3b21098ac2ecd3fb33bb6f4b80f6c099ab2e50aac
SSDEEP

393216:jaKnqvuE3jI76GNR3yF1PQ+ODY8XdWdg3usMsSnFC/aa:jazvFzUlNRA1PQ+7AdW6+sOM/

Score

10^/10

blackmoon banker trojan upx

Static task

static1

4 signatures

Behavioral task

behavioral1

Sample

7c3eec49636be68c0e86f1f3e087b405567b5473b8691c02e488955b659d56c7.exe

Resource

win7-20240508-en

blackmoon banker trojan upx

windows7-x64

11 signatures

150 seconds

Behavioral task

behavioral2

Sample

7c3eec49636be68c0e86f1f3e087b405567b5473b8691c02e488955b659d56c7.exe

Resource

win10v2004-20240226-en

blackmoon banker trojan upx

windows10-2004-x64

9 signatures

150 seconds

Malware Config

Targets

- Target
  
  7c3eec49636be68c0e86f1f3e087b405567b5473b8691c02e488955b659d56c7
- Size
  
  12.9MB
- MD5
  
  738cac618cfefcc8a132843ce369c2ab
- SHA1
  
  d8b9b7be05ac744327e8c06fffb68c89c5c50385
- SHA256
  
  7c3eec49636be68c0e86f1f3e087b405567b5473b8691c02e488955b659d56c7
- SHA512
  
  56c1094741670fee233a8d68300c57571030064e960811ceb6f7d337cdcab08a39e0b01ab4049a420dcfbcd3b21098ac2ecd3fb33bb6f4b80f6c099ab2e50aac
- SSDEEP
  
  393216:jaKnqvuE3jI76GNR3yF1PQ+ODY8XdWdg3usMsSnFC/aa:jazvFzUlNRA1PQ+7AdW6+sOM/
Score

10^/10

blackmoon banker trojan upx
- Blackmoon, KrBanker
  Blackmoon also known as KrBanker is banking trojan first discovered in early 2014.
  trojan banker blackmoon
- Detect Blackmoon payload
- ACProtect 1.3x - 1.4x DLL software
  Detects file using ACProtect software.
- Executes dropped EXE
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

blackmoonbankertrojanupx

behavioral2

blackmoonbankertrojanupx

© 2018-2024

Terms | Privacy