Overview

overview

10

Static

static

8

3deaa40dd6...5b.dll

windows7-x64

10

3deaa40dd6...5b.dll

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    3deaa40dd6363ac76b050054fcecc46192f70321f47438bf112e2ee8dbca2f5b

  • Size

    364KB

  • Sample

    221129-lnbwtagb36

  • MD5

    13724826c0972a6a947109d5be7012d0

  • SHA1

    0b465b0aaf3b01d385029b48c9c1996d055113e6

  • SHA256

    3deaa40dd6363ac76b050054fcecc46192f70321f47438bf112e2ee8dbca2f5b

  • SHA512

    5b217d1793c2033c0700e7f86c63a890ebeeaf4b4ade2326795a0bb34c74f56cb935d6497f57236ef7fb50d7243ea831975f860fd1573a2d4bc56e0dec8ed9d6

  • SSDEEP

    6144:3ypyJE1S5ND31zwdHlWbEaScp8FSBuRTY2o56oxW8eYkYM6y:3ysJE1SrDlzulWbEaNp8ABATY246oMTD

Score
10/10
blackmoonbankertrojanvmprotect

Malware Config

Targets

    • Target

      3deaa40dd6363ac76b050054fcecc46192f70321f47438bf112e2ee8dbca2f5b

    • Size

      364KB

    • MD5

      13724826c0972a6a947109d5be7012d0

    • SHA1

      0b465b0aaf3b01d385029b48c9c1996d055113e6

    • SHA256

      3deaa40dd6363ac76b050054fcecc46192f70321f47438bf112e2ee8dbca2f5b

    • SHA512

      5b217d1793c2033c0700e7f86c63a890ebeeaf4b4ade2326795a0bb34c74f56cb935d6497f57236ef7fb50d7243ea831975f860fd1573a2d4bc56e0dec8ed9d6

    • SSDEEP

      6144:3ypyJE1S5ND31zwdHlWbEaScp8FSBuRTY2o56oxW8eYkYM6y:3ysJE1SrDlzulWbEaNp8ABATY246oMTD

    Score
    10/10
    blackmoonbankertrojanvmprotect

    • Blackmoon, KrBanker

      Blackmoon also known as KrBanker is banking trojan first discovered in early 2014.

      trojanbankerblackmoon

    • Detect Blackmoon payload

    • VMProtect packed file

      Detects executables packed with VMProtect commercial packer.

      vmprotect
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks