General

  • Target

    6a4d0335a62d3b57c3794b62ddaccaf7828a3c24db43fc650dfff1b09d5767ef

  • Size

    589KB

  • Sample

    221127-kg4skscg63

  • MD5

    bed8a3d4c165ce39dac8e176e8e94968

  • SHA1

    f41d350271ec11ce58b077d529496f72771950ee

  • SHA256

    6a4d0335a62d3b57c3794b62ddaccaf7828a3c24db43fc650dfff1b09d5767ef

  • SHA512

    a6ba7eda2e3904f27e23bd748d8c0ae951f092b4f73f481774832b8df5b912849810350db7d4dd4de79849a1d6e1b3678b58c59b06b6d71e79cadaea65e35ba4

  • SSDEEP

    12288:KW8/dV3CpWN2okSir0Oi2NGgd+UVAc/xAd9pCe5a8LG3D:KWcd2aXOvjvnJAbAe5rLID

Targets

    • Target

      ʧ.exe

    • Size

      604KB

    • MD5

      c4310d9317ebe7931e57cf33ea7dc836

    • SHA1

      a2fdf439048bf560387daeb97170dda8f88f3a59

    • SHA256

      fd65134b1a4a279ca7e283b15e588ed3dd4e83e5a66c4e093861410e6708d7d6

    • SHA512

      00513a80bbe8877c2f2d5e00e2eac378d7d36becbc161d8c1957e35a5af2b794027df83a5c287dd87d77af2483f3e9eb47aa56c446d62871e46cc6100dcb03f4

    • SSDEEP

      12288:N16zhbcKiFyKBU/eEr3kxoj2x2P7F+Wu:2dbyyKymE7kydP7Y/

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Loads dropped DLL
