blackmoon | 6537fe8d8905cb17408006358d97d9d3cd499824ff83b2e9b9a3212de3d1ffa7 | Triage

Submit
Reports

Overview

overview

Static

static

5f86b9f6d5...d9.exe

windows10-1703-x64

Sharing

General

Target

10079442967.zip
Size

3.7MB
Sample

230414-zzg4vsdd7t
MD5

71d469b557451f744392ba4130364223
SHA1

a9f515c64b0e43954591c78d7494a6988f0382f0
SHA256

6537fe8d8905cb17408006358d97d9d3cd499824ff83b2e9b9a3212de3d1ffa7
SHA512

44106d5ba81086842ced56c728c0c8834fb8afdc1abf0764f08cad6b99c482198ec5f0e5143cecb5573139229ba2187aa7e4c5ce7f90fcf5d30d5c6364564f73
SSDEEP

98304:vs+J8QoaNP19+ehl8YHQLmv1jjUmwghWc+S:vV8QoaNPaihImvZPwUv3

Score

10^/10

blackmoon banker trojan

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

5f86b9f6d5430545dc239ebaeaa0378098bacec2b4051fc5258126b063f25bd9.exe

Resource

win10-20230220-en

blackmoon banker trojan

windows10-1703-x64

7 signatures

150 seconds

Malware Config

Targets

- Target
  
  5f86b9f6d5430545dc239ebaeaa0378098bacec2b4051fc5258126b063f25bd9
- Size
  
  6.8MB
- MD5
  
  6295e4e3a900339087d19d6d59b7faa9
- SHA1
  
  44ad23e167c43d31b221d5c83a4555bc2a370ed1
- SHA256
  
  5f86b9f6d5430545dc239ebaeaa0378098bacec2b4051fc5258126b063f25bd9
- SHA512
  
  2e3859e8de4f835a1c824763a2d341ed982e7cfcfd83c800efb3b7aa2014cc898e377613d4aeba4e5f59527393b2c032c15f9d5fb85986c4296f014528bba021
- SSDEEP
  
  98304:k4MS86jxmGBcum+JBAUZLWLjiB9OfPJBAUZLcF:nBNTJVrIJV
Score

10^/10

blackmoon banker trojan
- Blackmoon, KrBanker
  Blackmoon also known as KrBanker is banking trojan first discovered in early 2014.
  trojan banker blackmoon
- Detect Blackmoon payload
- Blocklisted process makes network request
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

blackmoonbankertrojan

© 2018-2024

Terms | Privacy