blackmoon | f2e2798e8cec3af5629f324439350256ae99e1e4d1ab408363c0912f42969bbc | Triage

Submit
Reports

Overview

overview

Static

static

f2e2798e8c...bc.exe

windows7-x64

f2e2798e8c...bc.exe

windows10-2004-x64

Sharing

General

Target

f2e2798e8cec3af5629f324439350256ae99e1e4d1ab408363c0912f42969bbc
Size

4.3MB
Sample

221203-qywfesed99
MD5

8826fc5c2e958c1383f6d95120dce383
SHA1

1d1f2939c911af039448cc4e1c6c93735e6cd257
SHA256

f2e2798e8cec3af5629f324439350256ae99e1e4d1ab408363c0912f42969bbc
SHA512

3606f2fc4bb0e8753c2829f0e0c7c4d72a374c082d735ccfee2e700a96974cca731ac35ef447837b33da7be8effd68b8bd779ba6f60aed7b11bae771b50e837a
SSDEEP

98304:anrCk/0EZTpNAOS4pW1dmv7kfPGH4Ap/Do:adsqNAOQ1Av7uGH

Score

10^/10

blackmoon banker spyware stealer trojan

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

f2e2798e8cec3af5629f324439350256ae99e1e4d1ab408363c0912f42969bbc.exe

Resource

win7-20221111-en

blackmoon banker spyware stealer trojan

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

f2e2798e8cec3af5629f324439350256ae99e1e4d1ab408363c0912f42969bbc.exe

Resource

win10v2004-20221111-en

blackmoon banker trojan

windows10-2004-x64

5 signatures

150 seconds

Malware Config

Targets

- Target
  
  f2e2798e8cec3af5629f324439350256ae99e1e4d1ab408363c0912f42969bbc
- Size
  
  4.3MB
- MD5
  
  8826fc5c2e958c1383f6d95120dce383
- SHA1
  
  1d1f2939c911af039448cc4e1c6c93735e6cd257
- SHA256
  
  f2e2798e8cec3af5629f324439350256ae99e1e4d1ab408363c0912f42969bbc
- SHA512
  
  3606f2fc4bb0e8753c2829f0e0c7c4d72a374c082d735ccfee2e700a96974cca731ac35ef447837b33da7be8effd68b8bd779ba6f60aed7b11bae771b50e837a
- SSDEEP
  
  98304:anrCk/0EZTpNAOS4pW1dmv7kfPGH4Ap/Do:adsqNAOQ1Av7uGH
Score

10^/10

blackmoon banker spyware stealer trojan
- Blackmoon, KrBanker
  Blackmoon also known as KrBanker is banking trojan first discovered in early 2014.
  trojan banker blackmoon
- Detect Blackmoon payload
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

blackmoonbankerspywarestealertrojan

behavioral2

blackmoonbankertrojan

© 2018-2024

Terms | Privacy