blackmoon | f2dadb0556042dc291f1a7985f630a0f44d1205295bf1c73166127191d0c335f | Triage

Submit
Reports

Overview

overview

Static

static

3

f2dadb0556...5f.exe

windows7-x64

f2dadb0556...5f.exe

windows10-2004-x64

Sharing

General

Target

f2dadb0556042dc291f1a7985f630a0f44d1205295bf1c73166127191d0c335f
Size

93KB
Sample

240701-e6vnbazclr
MD5

e24f3ec5c237e0f6f9c70828cf4ae5e5
SHA1

ded123c56457f5d7e7797d484655e55389b42f2b
SHA256

f2dadb0556042dc291f1a7985f630a0f44d1205295bf1c73166127191d0c335f
SHA512

0c8aa2ee22a342fd056c9b95ff91ad33741a00aa43a9d0ae5778566eb19ae48cfc1d45ae2270ccaf3a5f0e7fa1032a6648d27f08212ea9d820a1f4d98abdb7ce
SSDEEP

1536:9Q8hoOAesfYvcyjfS3H9yl8Q1pmdBcxedLxNDodtzac0Hobv0byLufTJfJvWV:ymb3NkkiQ3mdBjFodt27HobvcyLufNfM

Score

10^/10

blackmoon banker trojan upx

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

f2dadb0556042dc291f1a7985f630a0f44d1205295bf1c73166127191d0c335f.exe

Resource

win7-20240221-en

blackmoon banker trojan upx

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

f2dadb0556042dc291f1a7985f630a0f44d1205295bf1c73166127191d0c335f.exe

Resource

win10v2004-20240508-en

blackmoon banker trojan upx

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Targets

- Target
  
  f2dadb0556042dc291f1a7985f630a0f44d1205295bf1c73166127191d0c335f
- Size
  
  93KB
- MD5
  
  e24f3ec5c237e0f6f9c70828cf4ae5e5
- SHA1
  
  ded123c56457f5d7e7797d484655e55389b42f2b
- SHA256
  
  f2dadb0556042dc291f1a7985f630a0f44d1205295bf1c73166127191d0c335f
- SHA512
  
  0c8aa2ee22a342fd056c9b95ff91ad33741a00aa43a9d0ae5778566eb19ae48cfc1d45ae2270ccaf3a5f0e7fa1032a6648d27f08212ea9d820a1f4d98abdb7ce
- SSDEEP
  
  1536:9Q8hoOAesfYvcyjfS3H9yl8Q1pmdBcxedLxNDodtzac0Hobv0byLufTJfJvWV:ymb3NkkiQ3mdBjFodt27HobvcyLufNfM
Score

10^/10

blackmoon banker trojan upx
- Blackmoon, KrBanker
  Blackmoon also known as KrBanker is banking trojan first discovered in early 2014.
  trojan banker blackmoon
- Detect Blackmoon payload
- UPX dump on OEP (original entry point)
- Executes dropped EXE
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

blackmoonbankertrojanupx

behavioral2

blackmoonbankertrojanupx

© 2018-2024

Terms | Privacy