blackmoon | 2aec6264e1df8d3cf21aeedba88d6be4dd8fc278acd1ac4bc87a2f15c5317ef6 | Triage

Submit
Reports

Overview

overview

Static

static

2aec6264e1...f6.exe

windows7-x64

2aec6264e1...f6.exe

windows10-2004-x64

Sharing

General

Target

2aec6264e1df8d3cf21aeedba88d6be4dd8fc278acd1ac4bc87a2f15c5317ef6
Size

565KB
Sample

221128-n1ffwabd93
MD5

b42674ba4f39012a0ee3c88002ebc92c
SHA1

1c06d50188a03ac488db25774b7d51a73ba77ca3
SHA256

2aec6264e1df8d3cf21aeedba88d6be4dd8fc278acd1ac4bc87a2f15c5317ef6
SHA512

a53f74d65a62bfc6d71ca4059c6674f2f2ec33c99bd6b8b60408a388387cafdf373397dfd95a7cf382651cabd2cc4ea8d1aa1f507b2884a5fa964c8499d094d4
SSDEEP

12288:XaKoq63D9WtxtIdn5OezP2OwmTjFF1n19vX:X563JUinf23gjnNPP

Score

10^/10

blackmoon banker phishing trojan upx

Static task

static1

Behavioral task

behavioral1

Sample

2aec6264e1df8d3cf21aeedba88d6be4dd8fc278acd1ac4bc87a2f15c5317ef6.exe

Resource

win7-20220812-en

blackmoon banker phishing trojan upx

windows7-x64

12 signatures

150 seconds

Behavioral task

behavioral2

Sample

2aec6264e1df8d3cf21aeedba88d6be4dd8fc278acd1ac4bc87a2f15c5317ef6.exe

Resource

win10v2004-20221111-en

blackmoon banker trojan upx

windows10-2004-x64

8 signatures

150 seconds

Malware Config

Targets

- Target
  
  2aec6264e1df8d3cf21aeedba88d6be4dd8fc278acd1ac4bc87a2f15c5317ef6
- Size
  
  565KB
- MD5
  
  b42674ba4f39012a0ee3c88002ebc92c
- SHA1
  
  1c06d50188a03ac488db25774b7d51a73ba77ca3
- SHA256
  
  2aec6264e1df8d3cf21aeedba88d6be4dd8fc278acd1ac4bc87a2f15c5317ef6
- SHA512
  
  a53f74d65a62bfc6d71ca4059c6674f2f2ec33c99bd6b8b60408a388387cafdf373397dfd95a7cf382651cabd2cc4ea8d1aa1f507b2884a5fa964c8499d094d4
- SSDEEP
  
  12288:XaKoq63D9WtxtIdn5OezP2OwmTjFF1n19vX:X563JUinf23gjnNPP
Score

10^/10

blackmoon banker phishing trojan upx
- Blackmoon, KrBanker
  Blackmoon also known as KrBanker is banking trojan first discovered in early 2014.
  trojan banker blackmoon
- Detect Blackmoon payload
- Detected phishing page
  phishing
- Executes dropped EXE
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Install Root Certificate

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

blackmoonbankerphishingtrojanupx

behavioral2

blackmoonbankertrojanupx

© 2018-2024

Terms | Privacy