blackmoon | 5369ea2b3077ac2a456ffda76c950eb3083802d1620e660f4fb812ca157e1b4f | Triage

Submit
Reports

Overview

overview

Static

static

8

5369ea2b30...4f.dll

windows7-x64

5369ea2b30...4f.dll

windows10-2004-x64

Sharing

General

Target

5369ea2b3077ac2a456ffda76c950eb3083802d1620e660f4fb812ca157e1b4f
Size

362KB
Sample

221129-k3cwzshc3v
MD5

00b7a9715400fda706498d14a302bc20
SHA1

7b2dbefeed432a9a9d47e745771380bf03f61813
SHA256

5369ea2b3077ac2a456ffda76c950eb3083802d1620e660f4fb812ca157e1b4f
SHA512

3b981076a413146d6d61a0030294a75e2ca041cf8e03847b28f8b83e2fd512c4002edccc8ee326462579ea5f825da431606af61cc04a0dc9794c980ba555b33a
SSDEEP

6144:3ypyJE1S5ND31zwdHlWbEaScp8FSBuRTY2o56oxW8eYkYM6y:3ysJE1SrDlzulWbEaNp8ABATY246oMTD

Score

10^/10

blackmoon banker trojan vmprotect

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

5369ea2b3077ac2a456ffda76c950eb3083802d1620e660f4fb812ca157e1b4f.dll

Resource

win7-20220812-en

blackmoon banker trojan vmprotect

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

5369ea2b3077ac2a456ffda76c950eb3083802d1620e660f4fb812ca157e1b4f.dll

Resource

win10v2004-20220812-en

blackmoon banker trojan vmprotect

windows10-2004-x64

4 signatures

150 seconds

Malware Config

Targets

- Target
  
  5369ea2b3077ac2a456ffda76c950eb3083802d1620e660f4fb812ca157e1b4f
- Size
  
  362KB
- MD5
  
  00b7a9715400fda706498d14a302bc20
- SHA1
  
  7b2dbefeed432a9a9d47e745771380bf03f61813
- SHA256
  
  5369ea2b3077ac2a456ffda76c950eb3083802d1620e660f4fb812ca157e1b4f
- SHA512
  
  3b981076a413146d6d61a0030294a75e2ca041cf8e03847b28f8b83e2fd512c4002edccc8ee326462579ea5f825da431606af61cc04a0dc9794c980ba555b33a
- SSDEEP
  
  6144:3ypyJE1S5ND31zwdHlWbEaScp8FSBuRTY2o56oxW8eYkYM6y:3ysJE1SrDlzulWbEaNp8ABATY246oMTD
Score

10^/10

blackmoon banker trojan vmprotect
- Blackmoon, KrBanker
  Blackmoon also known as KrBanker is banking trojan first discovered in early 2014.
  trojan banker blackmoon
- Detect Blackmoon payload
- VMProtect packed file
  Detects executables packed with VMProtect commercial packer.
  vmprotect
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

blackmoonbankertrojanvmprotect

behavioral2

blackmoonbankertrojanvmprotect

© 2018-2024

Terms | Privacy