blackmoon | 0969df2500f79b5f1b505d7329939d628607e86a15f26eb19518a70f5d6b0e6e | Triage

Submit
Reports

Overview

overview

Static

static

8

0969df2500...6e.dll

windows7-x64

0969df2500...6e.dll

windows10-2004-x64

Sharing

General

Target

0969df2500f79b5f1b505d7329939d628607e86a15f26eb19518a70f5d6b0e6e
Size

359KB
Sample

221201-hlbw9add88
MD5

3013685d5826d27001e907af7511d730
SHA1

88221354b864760001d9fbf5eda7619865f0aad9
SHA256

0969df2500f79b5f1b505d7329939d628607e86a15f26eb19518a70f5d6b0e6e
SHA512

a711d4afce80a1018f49b10411551acc90400ac17ba41c1fe6f61b48e6570f65898f895d6f3e589076f63693d63ecce5392152ade5f5597562f525e6c76992ac
SSDEEP

6144:tHWao/MtE0rOcx0J1ypTuNBpXgi2QDh0ICLy8NoH1vszYDbuRLpqluWnXCW+mhsJ:1Wao/vU41ybE90dLGEzwSRQbQmhz2s2y

Score

10^/10

blackmoon banker trojan vmprotect

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

0969df2500f79b5f1b505d7329939d628607e86a15f26eb19518a70f5d6b0e6e.dll

Resource

win7-20221111-en

blackmoon banker trojan vmprotect

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

0969df2500f79b5f1b505d7329939d628607e86a15f26eb19518a70f5d6b0e6e.dll

Resource

win10v2004-20220812-en

blackmoon banker trojan vmprotect

windows10-2004-x64

4 signatures

150 seconds

Malware Config

Targets

- Target
  
  0969df2500f79b5f1b505d7329939d628607e86a15f26eb19518a70f5d6b0e6e
- Size
  
  359KB
- MD5
  
  3013685d5826d27001e907af7511d730
- SHA1
  
  88221354b864760001d9fbf5eda7619865f0aad9
- SHA256
  
  0969df2500f79b5f1b505d7329939d628607e86a15f26eb19518a70f5d6b0e6e
- SHA512
  
  a711d4afce80a1018f49b10411551acc90400ac17ba41c1fe6f61b48e6570f65898f895d6f3e589076f63693d63ecce5392152ade5f5597562f525e6c76992ac
- SSDEEP
  
  6144:tHWao/MtE0rOcx0J1ypTuNBpXgi2QDh0ICLy8NoH1vszYDbuRLpqluWnXCW+mhsJ:1Wao/vU41ybE90dLGEzwSRQbQmhz2s2y
Score

10^/10

blackmoon banker trojan vmprotect
- Blackmoon, KrBanker
  Blackmoon also known as KrBanker is banking trojan first discovered in early 2014.
  trojan banker blackmoon
- Detect Blackmoon payload
- VMProtect packed file
  Detects executables packed with VMProtect commercial packer.
  vmprotect
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

blackmoonbankertrojanvmprotect

behavioral2

blackmoonbankertrojanvmprotect

© 2018-2025

Terms | Privacy