General

  • Target

    4ed68156545fb52a00d64b756a34782e659d23f7de2454602bd184cf6c7f933d

  • Size

    601KB

  • Sample

    221125-3115xabd3y

  • MD5

    2588be3368454cd188f11aea550daf4a

  • SHA1

    50af671e72ea552565f85cbac43322a0bd0a9d48

  • SHA256

    4ed68156545fb52a00d64b756a34782e659d23f7de2454602bd184cf6c7f933d

  • SHA512

    78416e5d0643ae5e134928d47f0b64937772791d41f829c9b569c0d37e0904d5ce7d80a26e5385e3757afaf29cd9d15d2d1d644bc1a6e097e2ae42aee8711782

  • SSDEEP

    12288:cKCv/AVXSfRQtcIUMa18qDmnEfRorm0tVErA/ej0Qw4E63:kGsWcx1CAflw4T

Targets

    • Target

      ʧ.exe

    • Size

      618KB

    • MD5

      cfa25ff99a7730a47c2bf11e40c5b795

    • SHA1

      f6055157f5534b0cbf7d559113c9723ff153199c

    • SHA256

      fe57e655eb0ad1b44c1ab93cea3167d6f8a5627ec47e54f79893b085f217e5ad

    • SHA512

      fc5add49771666a01429be5867931226caa8ba0daa91a7921654edb1faad3a383091ffc5cf8d11855327141913523b248728da2de6100fb41a56f66a293036df

    • SSDEEP

      12288:6Wq6JmZjUUJNIhyK19rP9LH95cTyTTFadM2qMBuwVy1yDjOAqKcow:Fq6kt14yKTP9Ld/8dMVMBuwVy1yPOdp

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Loads dropped DLL
