Analysis
-
max time kernel
127s -
max time network
130s -
platform
windows10-2004_x64 -
resource
win10v2004-20220812-en -
resource tags
-
submitted
11-10-2022 21:57
General
-
Target
9367adbdfe6089de9f72e3beeab32161bccf788371daeefec1d80e6c94970a42.exe
-
Size
576KB
-
MD5
d940126bb56a392ea205ea91b4882e06
-
SHA1
a8995020c2d045c3a3fc209877b428500d9bb101
-
SHA256
9367adbdfe6089de9f72e3beeab32161bccf788371daeefec1d80e6c94970a42
-
SHA512
774c0443adc0ce661ab9950122ac9527b5471e7f45759e24b6ef70c7c4f6ac13af7966525c2fa29bb889741ed7bceb5525579a9bd630382bb6af96a9c609ebd2
-
SSDEEP
12288:gWAQiVTfbJbNMFJN0GTGYCQUe2Oegq8O5wdsGG/6FOc3ch6aTH7VE6AwsuF13oSM:gWAHbJbNMl0GiYCQUtOegqH5Y1W6FOcf
Score
10/10
Malware Config
Signatures
-
Blackmoon, KrBanker
Blackmoon also known as KrBanker is banking trojan first discovered in early 2014.
-
Detect Blackmoon payload 2 IoCs
-
UPX packed file 2 IoCs
Detects executables packed with UPX/modified UPX open source packer.
-
Suspicious behavior: EnumeratesProcesses 6 IoCs
-
Suspicious use of SetWindowsHookEx 1 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\9367adbdfe6089de9f72e3beeab32161bccf788371daeefec1d80e6c94970a42.exe"C:\Users\Admin\AppData\Local\Temp\9367adbdfe6089de9f72e3beeab32161bccf788371daeefec1d80e6c94970a42.exe"1⤵
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
1.3MB
-
Filesize
1.3MB