blackmoon | 2ea1cb29cfa1a2dfec0cd18651c8bf858b56202b7c7a9aae60f5e4ff8fa74b94 | Triage

Submit
Reports

Overview

overview

Static

static

3

tmp.exe

windows7-x64

tmp.exe

windows10-2004-x64

Sharing

General

Target

tmp
Size

9.8MB
Sample

230519-ndgenadd82
MD5

7a775ccd920f657a019f09809f88112a
SHA1

be7e900d46eef547a233b5ed3ddf2249739d3ab6
SHA256

2ea1cb29cfa1a2dfec0cd18651c8bf858b56202b7c7a9aae60f5e4ff8fa74b94
SHA512

49a57b62216503574fb773e49a0248a9ac5e3b70566b3cdab3021c614c042c0109da27cbf34ae089425c604a09a78e898e18bb37e8a9b918f44ec8784c7acb0b
SSDEEP

196608:m4z7KSOJfgdGpzzlkXWHCNpoGcLepVAblz02Q6Z0:mk7Kf4MBaXgCDoGc6SYHZ

Score

10^/10

blackmoon banker trojan

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

tmp.exe

Resource

win7-20230220-en

blackmoon banker trojan

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

tmp.exe

Resource

win10v2004-20230220-en

blackmoon banker trojan

windows10-2004-x64

12 signatures

150 seconds

Malware Config

Targets

- Target
  
  tmp
- Size
  
  9.8MB
- MD5
  
  7a775ccd920f657a019f09809f88112a
- SHA1
  
  be7e900d46eef547a233b5ed3ddf2249739d3ab6
- SHA256
  
  2ea1cb29cfa1a2dfec0cd18651c8bf858b56202b7c7a9aae60f5e4ff8fa74b94
- SHA512
  
  49a57b62216503574fb773e49a0248a9ac5e3b70566b3cdab3021c614c042c0109da27cbf34ae089425c604a09a78e898e18bb37e8a9b918f44ec8784c7acb0b
- SSDEEP
  
  196608:m4z7KSOJfgdGpzzlkXWHCNpoGcLepVAblz02Q6Z0:mk7Kf4MBaXgCDoGc6SYHZ
Score

10^/10

blackmoon banker trojan
- Blackmoon, KrBanker
  Blackmoon also known as KrBanker is banking trojan first discovered in early 2014.
  trojan banker blackmoon
- Detect Blackmoon payload
- Downloads MZ/PE file
- Drops file in Drivers directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

blackmoonbankertrojan

behavioral2

blackmoonbankertrojan

© 2018-2024

Terms | Privacy