Overview

overview

10

Static

static

7

a353294fa9...ef.exe

windows7-x64

10

a353294fa9...ef.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    141s
  • max time network
    127s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230220-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230220-enlocale:en-usos:windows10-2004-x64system
  • submitted
    19-06-2023 19:55

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    a353294fa93d44d7a9c31d9914c11638a935df8237e5e06883bfab7fa6fa17ef.exe

  • Size

    254KB

  • MD5

    45a29043caac247386e01e89d77524df

  • SHA1

    caa477316fd00cba099f259a830b8a9f11003023

  • SHA256

    a353294fa93d44d7a9c31d9914c11638a935df8237e5e06883bfab7fa6fa17ef

  • SHA512

    57e989b59d7cfe131e8a1f9e19b256fc7d05dfeefd957bfe38a05fccfa1439dde40ca6e85a3d8375a3560b5cbbf9b9f965f91b70576ee205f12dd22a19faa1f9

  • SSDEEP

    6144:LxNVRrU+/2YMnBH/rRmuGd4XuWWvZC8juIHTcRCe6IjjoS:tNVRl2bBHtbBWvo8qIHbEoS

Score
10/10
blackmoonbankertrojanupx

Malware Config

Signatures

  • Blackmoon, KrBanker

    Blackmoon also known as KrBanker is banking trojan first discovered in early 2014.

    trojanbankerblackmoon
  • Detect Blackmoon payload 2 IoCs
  • UPX packed file 5 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx

Processes

  • C:\Users\Admin\AppData\Local\Temp\a353294fa93d44d7a9c31d9914c11638a935df8237e5e06883bfab7fa6fa17ef.exe
    "C:\Users\Admin\AppData\Local\Temp\a353294fa93d44d7a9c31d9914c11638a935df8237e5e06883bfab7fa6fa17ef.exe"
    1⤵
      PID:4996

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/4996-133-0x0000000000400000-0x00000000004CA000-memory.dmp

      Filesize

      808KB

      Download

    • memory/4996-134-0x0000000003250000-0x0000000003286000-memory.dmp

      Filesize

      216KB

      Download

    • memory/4996-135-0x0000000003250000-0x0000000003286000-memory.dmp

      Filesize

      216KB

      Download

    • memory/4996-136-0x00000000032D0000-0x00000000032E3000-memory.dmp

      Filesize

      76KB

      Download

    • memory/4996-137-0x0000000003550000-0x0000000003551000-memory.dmp

      Filesize

      4KB

      Download

    • memory/4996-139-0x0000000003250000-0x0000000003286000-memory.dmp

      Filesize

      216KB

      Download

    • memory/4996-140-0x0000000000400000-0x00000000004CA000-memory.dmp

      Filesize

      808KB

      Download