Analysis
-
max time kernel
141s -
max time network
127s -
platform
windows10-2004_x64 -
resource
win10v2004-20230220-en -
resource tags
-
submitted
19-06-2023 19:55
General
-
Target
a353294fa93d44d7a9c31d9914c11638a935df8237e5e06883bfab7fa6fa17ef.exe
-
Size
254KB
-
MD5
45a29043caac247386e01e89d77524df
-
SHA1
caa477316fd00cba099f259a830b8a9f11003023
-
SHA256
a353294fa93d44d7a9c31d9914c11638a935df8237e5e06883bfab7fa6fa17ef
-
SHA512
57e989b59d7cfe131e8a1f9e19b256fc7d05dfeefd957bfe38a05fccfa1439dde40ca6e85a3d8375a3560b5cbbf9b9f965f91b70576ee205f12dd22a19faa1f9
-
SSDEEP
6144:LxNVRrU+/2YMnBH/rRmuGd4XuWWvZC8juIHTcRCe6IjjoS:tNVRl2bBHtbBWvo8qIHbEoS
Score
10/10
Malware Config
Signatures
-
Blackmoon, KrBanker
Blackmoon also known as KrBanker is banking trojan first discovered in early 2014.
-
Detect Blackmoon payload 2 IoCs
-
UPX packed file 5 IoCs
Detects executables packed with UPX/modified UPX open source packer.
Processes
-
C:\Users\Admin\AppData\Local\Temp\a353294fa93d44d7a9c31d9914c11638a935df8237e5e06883bfab7fa6fa17ef.exe"C:\Users\Admin\AppData\Local\Temp\a353294fa93d44d7a9c31d9914c11638a935df8237e5e06883bfab7fa6fa17ef.exe"1⤵
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
memory/4996-133-0x0000000000400000-0x00000000004CA000-memory.dmpFilesize
808KB
-
memory/4996-134-0x0000000003250000-0x0000000003286000-memory.dmpFilesize
216KB
-
memory/4996-135-0x0000000003250000-0x0000000003286000-memory.dmpFilesize
216KB
-
memory/4996-136-0x00000000032D0000-0x00000000032E3000-memory.dmpFilesize
76KB
-
memory/4996-137-0x0000000003550000-0x0000000003551000-memory.dmpFilesize
4KB
-
memory/4996-139-0x0000000003250000-0x0000000003286000-memory.dmpFilesize
216KB
-
memory/4996-140-0x0000000000400000-0x00000000004CA000-memory.dmpFilesize
808KB