blackmoon | bb0f3f532cb2254c3e4fb6a84ed3573d8586531a7ff9659fb92288e18f5b1fe3 | Triage

Submit
Reports

Overview

overview

Static

static

tmp.exe

windows7-x64

tmp.exe

windows10-2004-x64

Sharing

General

Target

tmp
Size

99KB
Sample

230526-mnvvcsfa69
MD5

6208c83f58b432ccf579c828f0a8e336
SHA1

0ebb82b9abf8426dc1627e8043a712dd3aa40e54
SHA256

bb0f3f532cb2254c3e4fb6a84ed3573d8586531a7ff9659fb92288e18f5b1fe3
SHA512

a8001330b18ea98e6a3955ba5b49592549a96d240c1580816085e9295b0712a68a53afcf7921c724f18a9b9e1bf40659a10485ab1141007172a3ca17b9b58c10
SSDEEP

1536:jhMa8yEH/PZwoo5psi8SIWe94eg1Wcb1kj+x/JmNApp8CVFoFucbpYBGqfw:jV8rf+ooTsV8eBM6S9JYUp8CVjJMqo

Score

10^/10

blackmoon banker trojan upx

Static task

static1

4 signatures

Behavioral task

behavioral1

Sample

tmp.exe

Resource

win7-20230220-en

blackmoon banker trojan upx

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

tmp.exe

Resource

win10v2004-20230220-en

blackmoon banker trojan upx

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Targets

- Target
  
  tmp
- Size
  
  99KB
- MD5
  
  6208c83f58b432ccf579c828f0a8e336
- SHA1
  
  0ebb82b9abf8426dc1627e8043a712dd3aa40e54
- SHA256
  
  bb0f3f532cb2254c3e4fb6a84ed3573d8586531a7ff9659fb92288e18f5b1fe3
- SHA512
  
  a8001330b18ea98e6a3955ba5b49592549a96d240c1580816085e9295b0712a68a53afcf7921c724f18a9b9e1bf40659a10485ab1141007172a3ca17b9b58c10
- SSDEEP
  
  1536:jhMa8yEH/PZwoo5psi8SIWe94eg1Wcb1kj+x/JmNApp8CVFoFucbpYBGqfw:jV8rf+ooTsV8eBM6S9JYUp8CVjJMqo
Score

10^/10

blackmoon banker trojan upx
- Blackmoon, KrBanker
  Blackmoon also known as KrBanker is banking trojan first discovered in early 2014.
  trojan banker blackmoon
- Detect Blackmoon payload
- Deletes itself
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

blackmoonbankertrojanupx

behavioral2

blackmoonbankertrojanupx

© 2018-2024

Terms | Privacy