blackmoon | e2553192a24ce7cc856c29e3d82c221b3dcbdc2b2e605342aa80c434328c9e91 | Triage

Submit
Reports

Overview

overview

Static

static

e2553192a2...91.exe

windows7-x64

e2553192a2...91.exe

windows10-2004-x64

Sharing

General

Target

e2553192a24ce7cc856c29e3d82c221b3dcbdc2b2e605342aa80c434328c9e91
Size

111KB
Sample

221127-jmzv5sec51
MD5

5b610a9e433377509bfba253b70ad4b4
SHA1

600fed6e8874fa2980570810aca4368f6865e9a7
SHA256

e2553192a24ce7cc856c29e3d82c221b3dcbdc2b2e605342aa80c434328c9e91
SHA512

1731e1934cc3304910f5791454be4a9867b8b0c0113003d7a674e719b6755d89c2ecc80abdbf6092ac5add95801205e1bce4ffed8cfe52341f39fe1b82bdaf66
SSDEEP

1536:tI2Ke+YcGCvhmP/+IL4huyCjMbxObKR29aZMT0bnonql4TrCqrkHck:tIiLcmP/+IEgy0MbxObVEMT07i2uk

Score

10^/10

blackmoon banker persistence trojan

Static task

static1

Behavioral task

behavioral1

Sample

e2553192a24ce7cc856c29e3d82c221b3dcbdc2b2e605342aa80c434328c9e91.exe

Resource

win7-20221111-en

blackmoon banker trojan

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

e2553192a24ce7cc856c29e3d82c221b3dcbdc2b2e605342aa80c434328c9e91.exe

Resource

win10v2004-20220812-en

blackmoon banker persistence trojan

windows10-2004-x64

12 signatures

150 seconds

Malware Config

Targets

- Target
  
  e2553192a24ce7cc856c29e3d82c221b3dcbdc2b2e605342aa80c434328c9e91
- Size
  
  111KB
- MD5
  
  5b610a9e433377509bfba253b70ad4b4
- SHA1
  
  600fed6e8874fa2980570810aca4368f6865e9a7
- SHA256
  
  e2553192a24ce7cc856c29e3d82c221b3dcbdc2b2e605342aa80c434328c9e91
- SHA512
  
  1731e1934cc3304910f5791454be4a9867b8b0c0113003d7a674e719b6755d89c2ecc80abdbf6092ac5add95801205e1bce4ffed8cfe52341f39fe1b82bdaf66
- SSDEEP
  
  1536:tI2Ke+YcGCvhmP/+IL4huyCjMbxObKR29aZMT0bnonql4TrCqrkHck:tIiLcmP/+IEgy0MbxObVEMT07i2uk
Score

10^/10

blackmoon banker trojan persistence
- Blackmoon, KrBanker
  Blackmoon also known as KrBanker is banking trojan first discovered in early 2014.
  trojan banker blackmoon
- Detect Blackmoon payload
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Install Root Certificate

Credential Access

Discovery

System Information Discovery

Query Registry

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

blackmoonbankertrojan

behavioral2

blackmoonbankerpersistencetrojan

© 2018-2024

Terms | Privacy