blackmoon | a71e874d64e95028dd5667f3493b23c43fc57402dcef42dbcbdf15360928f86e | Triage

Submit
Reports

Overview

overview

Static

static

1

word.html

windows7-x64

1

word.html

windows10-2004-x64

Sharing

General

Target

word.exe
Size

710B
Sample

230227-wnqp3seg5v
MD5

2fe163e42526330097fc39697fe1d2e2
SHA1

648582952f7383f26f0200c08c67997fcf0a0caf
SHA256

a71e874d64e95028dd5667f3493b23c43fc57402dcef42dbcbdf15360928f86e
SHA512

84138bbdf2e7dad0c0a322077f31bdda2ddfa8361cf7d27d6992f3067f9a56ac38a1b7aaec477bce47828f2e559b27007ac212f27c809245c7e2d88dec83d71a

Score

10^/10

blackmoon banker trojan

Static task

static1

Behavioral task

behavioral1

Sample

word.html

Resource

win7-20230220-en

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

word.html

Resource

win10v2004-20230221-en

blackmoon banker trojan

windows10-2004-x64

15 signatures

150 seconds

Malware Config

Targets

- Target
  
  word.exe
- Size
  
  710B
- MD5
  
  2fe163e42526330097fc39697fe1d2e2
- SHA1
  
  648582952f7383f26f0200c08c67997fcf0a0caf
- SHA256
  
  a71e874d64e95028dd5667f3493b23c43fc57402dcef42dbcbdf15360928f86e
- SHA512
  
  84138bbdf2e7dad0c0a322077f31bdda2ddfa8361cf7d27d6992f3067f9a56ac38a1b7aaec477bce47828f2e559b27007ac212f27c809245c7e2d88dec83d71a
Score

10^/10

blackmoon banker trojan
- Blackmoon, KrBanker
  Blackmoon also known as KrBanker is banking trojan first discovered in early 2014.
  trojan banker blackmoon
- Detect Blackmoon payload
- Downloads MZ/PE file
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

blackmoonbankertrojan

© 2018-2024

Terms | Privacy