Overview

overview

10

Static

static

10

汇单图.exe

windows10-2004-x64

10

Resubmissions

28-06-2023 10:24

230628-mftmbsha65 10

28-06-2023 10:20

230628-mdkxeaaa4t 10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    汇单图.exe

  • Size

    265KB

  • Sample

    230628-mdkxeaaa4t

  • MD5

    7dfe3a740d55d5e677802cf8a68b0437

  • SHA1

    c183a2fa41659d4df18d4b79ec09e6151d16aee0

  • SHA256

    9fdce593fa16c76525206982a35718da11007319501d0910af25a253588702c1

  • SHA512

    026b75192ac0c1cde44cb1d8916a3535493a5259d56d3db65b30c21db94d44a9bb3ee9e68fe9a56bb1ecbeca715c483f25ddaa4f3fd153fae5c074ec81c495eb

  • SSDEEP

    3072:u30JBc9y8BpUwMyZ+BvK2t5SBjTCktECyqewTvDyRxwUdj/Tss0mGGMKT:u30JB58TnMys5iBj4CtpyFvss0mxMQ

Score
10/10
blackmoonbankertrojan

Malware Config

Targets

    • Target

      汇单图.exe

    • Size

      265KB

    • MD5

      7dfe3a740d55d5e677802cf8a68b0437

    • SHA1

      c183a2fa41659d4df18d4b79ec09e6151d16aee0

    • SHA256

      9fdce593fa16c76525206982a35718da11007319501d0910af25a253588702c1

    • SHA512

      026b75192ac0c1cde44cb1d8916a3535493a5259d56d3db65b30c21db94d44a9bb3ee9e68fe9a56bb1ecbeca715c483f25ddaa4f3fd153fae5c074ec81c495eb

    • SSDEEP

      3072:u30JBc9y8BpUwMyZ+BvK2t5SBjTCktECyqewTvDyRxwUdj/Tss0mGGMKT:u30JB58TnMys5iBj4CtpyFvss0mxMQ

    Score
    10/10
    blackmoonbankertrojan

    • Blackmoon, KrBanker

      Blackmoon also known as KrBanker is banking trojan first discovered in early 2014.

      trojanbankerblackmoon

    • Detect Blackmoon payload

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

1
T1012

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks