blackmoon | c4443ae3c65f58230f7260f72254f7b8c6f549a62b763cdada8a5b9557171ad0

Analysis

max time kernel
42s
max time network
46s
platform
windows7_x64
resource
win7-20220901-en
resource tags

arch:x64arch:x86image:win7-20220901-enlocale:en-usos:windows7-x64system
submitted
03/10/2022, 13:36

Target

c4443ae3c65f58230f7260f72254f7b8c6f549a62b763cdada8a5b9557171ad0.exe
Size

421KB
MD5

4557fce2f2972066e8fef2b3485ffb50
SHA1

3e430994673498bf6682539189bae89b0b7b7e69
SHA256

c4443ae3c65f58230f7260f72254f7b8c6f549a62b763cdada8a5b9557171ad0
SHA512

a110a5e383ce11676ebd94bf7b4b7a5d36fe9080670e6898bd24814aa38b51fd5730127be0c132e326802ab5e83418eddc1212e479db082ca8af84c6b16a365c
SSDEEP

6144:9OJtfu3G7DHPLURvk7F/oxgLI6ml6iRi8LpPHRfsTEnQtpqq78URQE:GqG7DvUqFyrpwWQtg8

Score

10^/10

Blackmoon, KrBanker
Blackmoon also known as KrBanker is banking trojan first discovered in early 2014.
trojan banker blackmoon

Detect Blackmoon payload 3 IoCs

resource	yara_rule
behavioral1/memory/992-55-0x0000000000400000-0x0000000000582000-memory.dmp	family_blackmoon
behavioral1/memory/992-57-0x0000000000400000-0x0000000000582000-memory.dmp	family_blackmoon
behavioral1/memory/992-58-0x0000000000400000-0x0000000000582000-memory.dmp	family_blackmoon

Suspicious use of SetWindowsHookEx 2 IoCs

pid	Process
992	c4443ae3c65f58230f7260f72254f7b8c6f549a62b763cdada8a5b9557171ad0.exe
992	c4443ae3c65f58230f7260f72254f7b8c6f549a62b763cdada8a5b9557171ad0.exe

C:\Users\Admin\AppData\Local\Temp\c4443ae3c65f58230f7260f72254f7b8c6f549a62b763cdada8a5b9557171ad0.exe
"C:\Users\Admin\AppData\Local\Temp\c4443ae3c65f58230f7260f72254f7b8c6f549a62b763cdada8a5b9557171ad0.exe"
1⤵
- Suspicious use of SetWindowsHookEx
PID:992

memory/992-54-0x0000000076561000-0x0000000076563000-memory.dmp

Filesize
8KB

Download
memory/992-55-0x0000000000400000-0x0000000000582000-memory.dmp

Filesize
1.5MB

Download
memory/992-57-0x0000000000400000-0x0000000000582000-memory.dmp

Filesize
1.5MB

Download
memory/992-58-0x0000000000400000-0x0000000000582000-memory.dmp

Filesize
1.5MB

Download