blackmoon | 614b12c79ce95271bf3a0cefd9cae72fada16284541df85559bcf831540866fd | Triage

Submit
Reports

Overview

overview

Static

static

8

614b12c79c...fd.dll

windows7-x64

614b12c79c...fd.dll

windows10-2004-x64

Sharing

General

Target

614b12c79ce95271bf3a0cefd9cae72fada16284541df85559bcf831540866fd
Size

369KB
Sample

221129-kjcrwaff8z
MD5

4e3afe2ed0f0f3ba785d38ab11c41840
SHA1

c9b6fd7f5d66e0b2a1615e6dd9115ebf8d54de5d
SHA256

614b12c79ce95271bf3a0cefd9cae72fada16284541df85559bcf831540866fd
SHA512

2999a716d871a730ff18472b4b06bd7e881d6a1b0460cb33bda694fac326b39de754d8b896fc304c2c35fa8236f5c4ed4a51a5d28a9bf76e1a58679745799569
SSDEEP

6144:tHWao/MtE0rOcx0J1ypTuNBpXgi2QDh0ICLy8NoH1vszYDbuRLpqluWnXCW+mhsJ:1Wao/vU41ybE90dLGEzwSRQbQmhz2s2y

Score

10^/10

blackmoon banker trojan vmprotect

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

614b12c79ce95271bf3a0cefd9cae72fada16284541df85559bcf831540866fd.dll

Resource

win7-20221111-en

blackmoon banker trojan vmprotect

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

614b12c79ce95271bf3a0cefd9cae72fada16284541df85559bcf831540866fd.dll

Resource

win10v2004-20220901-en

blackmoon banker trojan vmprotect

windows10-2004-x64

4 signatures

150 seconds

Malware Config

Targets

- Target
  
  614b12c79ce95271bf3a0cefd9cae72fada16284541df85559bcf831540866fd
- Size
  
  369KB
- MD5
  
  4e3afe2ed0f0f3ba785d38ab11c41840
- SHA1
  
  c9b6fd7f5d66e0b2a1615e6dd9115ebf8d54de5d
- SHA256
  
  614b12c79ce95271bf3a0cefd9cae72fada16284541df85559bcf831540866fd
- SHA512
  
  2999a716d871a730ff18472b4b06bd7e881d6a1b0460cb33bda694fac326b39de754d8b896fc304c2c35fa8236f5c4ed4a51a5d28a9bf76e1a58679745799569
- SSDEEP
  
  6144:tHWao/MtE0rOcx0J1ypTuNBpXgi2QDh0ICLy8NoH1vszYDbuRLpqluWnXCW+mhsJ:1Wao/vU41ybE90dLGEzwSRQbQmhz2s2y
Score

10^/10

blackmoon banker trojan vmprotect
- Blackmoon, KrBanker
  Blackmoon also known as KrBanker is banking trojan first discovered in early 2014.
  trojan banker blackmoon
- Detect Blackmoon payload
- VMProtect packed file
  Detects executables packed with VMProtect commercial packer.
  vmprotect
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

blackmoonbankertrojanvmprotect

behavioral2

blackmoonbankertrojanvmprotect

© 2018-2024

Terms | Privacy