General

  • Target

    大航全球实体卡-虚拟接码PC端口.rar

  • Size

    5.5MB

  • Sample

    230419-ja3fhaah4z

  • MD5

    6085cdcf6f31e7fccb6202a305dd75b5

  • SHA1

    62a6e69cfff4a44db8c24a91de16e457e0318721

  • SHA256

    dccf3c22b188bf647e9bc03f61275314bfc185c2520b38a683bf1566e484e993

  • SHA512

    5728044db4b6e7194b622c4fc841cdcfa60e68fe4e6302d61adfbf08b51e823824420c8ba9b390a14b1b7f89264726019ec27adca7ee23b559534e8ee4bdbe42

  • SSDEEP

    98304:0nEMBLpvd4ppNwRr9u0l2C0SxJlBzJAzCuBQ3r4rOJWESAapE7edhwvTFbUinL8W:vMXvdmio0l0Sx3AzZB+QOJ0XnCBU88P+

Malware Config

Targets

    • Target

      D1.exe

    • Size

      2.6MB

    • MD5

      9f339063dbe562051732472b0f73c12d

    • SHA1

      2ac2940992ad9cee88092e18566c82f6b6c114b1

    • SHA256

      7955c98c1bd693e24c92833f2186d58dd0c5fad231a8f27572bac5aeb2793674

    • SHA512

      06d44b0cdc4b62536a61d4cae7e9b96a435e13907890b1b423d64e9b2c68cf6dd342eefa3af1601018508353c837d35d2a28f1d29306f990b32367f63e09c7ab

    • SSDEEP

      49152:MC8ie3CGb7SCEns4SdqyTZ0Z3dMZG0+RQnwyiAKP1HrlF0OS20wlR+BkpT:e3+P2wyiAA0OSylRMkp

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • ACProtect 1.3x - 1.4x DLL software

      Detects a file protected with the ACProtect packer.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
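A practitioner re-checking this report locally wants two things: to confirm that a file in hand is the archive or the dropped D1.exe described above, and to reproduce the "UPX packed file" observation without trusting the sandbox verdict. The script below is an added example, not the sandbox's own detection logic: it hashes a file with the same four digests listed in the report and compares the SHA256 against the two values above, and it walks the PE section table looking for the UPX0/UPX1 section names and the "UPX!" marker. The section-name heuristic is my own simplification; a "modified UPX" build, which the signature text also covers, can rename its sections, so a miss here does not mean the file is unpacked. `build_fake_pe` constructs a header-only stand-in so the check can be exercised offline; it is not a real sample.

```python
import hashlib
import struct

# SHA256 values copied from the report above (archive and dropped D1.exe).
REPORT_SHA256 = {
    "dccf3c22b188bf647e9bc03f61275314bfc185c2520b38a683bf1566e484e993":
        "大航全球实体卡-虚拟接码PC端口.rar",
    "7955c98c1bd693e24c92833f2186d58dd0c5fad231a8f27572bac5aeb2793674":
        "D1.exe",
}

# Section names the stock UPX packer writes; a modified UPX may rename them.
UPX_SECTIONS = {"UPX0", "UPX1", "UPX2"}


def file_hashes(data: bytes) -> dict:
    """Return the four digests the report lists (ssdeep needs an external library)."""
    return {name: hashlib.new(name, data).hexdigest()
            for name in ("md5", "sha1", "sha256", "sha512")}


def match_report(data: bytes):
    """Name of the report artifact this file is, or None if the SHA256 differs."""
    return REPORT_SHA256.get(file_hashes(data)["sha256"])


def pe_section_names(data: bytes) -> list:
    """Walk DOS header -> e_lfanew -> PE signature -> COFF header -> section table."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        raise ValueError("not an MZ executable")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    coff = e_lfanew + 4
    num_sections = struct.unpack_from("<H", data, coff + 2)[0]
    opt_size = struct.unpack_from("<H", data, coff + 16)[0]
    table = coff + 20 + opt_size          # COFF header is 20 bytes
    names = []
    for i in range(num_sections):
        off = table + i * 40              # IMAGE_SECTION_HEADER is 40 bytes
        raw = data[off:off + 8]
        if len(raw) < 8:
            raise ValueError("truncated section table")
        names.append(raw.split(b"\0", 1)[0].decode("ascii", "replace"))
    return names


def looks_upx_packed(data: bytes) -> bool:
    """Heuristic only: stock UPX section names or the 'UPX!' packer stamp."""
    if any(n in UPX_SECTIONS for n in pe_section_names(data)):
        return True
    return b"UPX!" in data


def build_fake_pe(section_names) -> bytes:
    """Constructed header-only PE32 with the given section names (no code, not runnable)."""
    dos = bytearray(0x40)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 0x40)        # e_lfanew
    # Machine, NumberOfSections, TimeDateStamp, PointerToSymbolTable,
    # NumberOfSymbols, SizeOfOptionalHeader, Characteristics
    coff = struct.pack("<HHIIIHH", 0x14C, len(section_names), 0, 0, 0, 0xE0, 0x102)
    opt = bytearray(0xE0)
    struct.pack_into("<H", opt, 0, 0x10B)          # PE32 magic
    sections = b"".join(n.encode().ljust(8, b"\0") + bytes(32) for n in section_names)
    return bytes(dos) + b"PE\0\0" + coff + bytes(opt) + sections


if __name__ == "__main__":
    import sys
    for path in sys.argv[1:]:
        blob = open(path, "rb").read()
        print(path, file_hashes(blob)["sha256"], "report match:", match_report(blob))
        try:
            print("  sections:", pe_section_names(blob), "upx:", looks_upx_packed(blob))
        except ValueError as exc:
            print("  not a PE:", exc)
```

Run it against the extracted D1.exe to confirm the SHA256 and read the section table; on the .rar itself only the hash comparison applies, since the archive is not a PE.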

MITRE ATT&CK Matrix

Tasks