blackmoon | 9fdce593fa16c76525206982a35718da11007319501d0910af25a253588702c1 | Triage

Submit
Reports

Overview

overview

Static

static

汇单图.exe

windows7-x64

汇单图.exe

windows10-2004-x64

Resubmissions

28-06-2023 10:24

230628-mftmbsha65 10

28-06-2023 10:20

230628-mdkxeaaa4t 10

Sharing

General

Target

汇单图.exe
Size

265KB
Sample

230628-mftmbsha65
MD5

7dfe3a740d55d5e677802cf8a68b0437
SHA1

c183a2fa41659d4df18d4b79ec09e6151d16aee0
SHA256

9fdce593fa16c76525206982a35718da11007319501d0910af25a253588702c1
SHA512

026b75192ac0c1cde44cb1d8916a3535493a5259d56d3db65b30c21db94d44a9bb3ee9e68fe9a56bb1ecbeca715c483f25ddaa4f3fd153fae5c074ec81c495eb
SSDEEP

3072:u30JBc9y8BpUwMyZ+BvK2t5SBjTCktECyqewTvDyRxwUdj/Tss0mGGMKT:u30JB58TnMys5iBj4CtpyFvss0mxMQ

Score

10^/10

blackmoon banker trojan

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

汇单图.exe

Resource

win7-20230621-en

blackmoon banker trojan

windows7-x64

7 signatures

300 seconds

Behavioral task

behavioral2

Sample

汇单图.exe

Resource

win10v2004-20230621-en

blackmoon banker trojan

windows10-2004-x64

7 signatures

300 seconds

Malware Config

Targets

- Target
  
  汇单图.exe
- Size
  
  265KB
- MD5
  
  7dfe3a740d55d5e677802cf8a68b0437
- SHA1
  
  c183a2fa41659d4df18d4b79ec09e6151d16aee0
- SHA256
  
  9fdce593fa16c76525206982a35718da11007319501d0910af25a253588702c1
- SHA512
  
  026b75192ac0c1cde44cb1d8916a3535493a5259d56d3db65b30c21db94d44a9bb3ee9e68fe9a56bb1ecbeca715c483f25ddaa4f3fd153fae5c074ec81c495eb
- SSDEEP
  
  3072:u30JBc9y8BpUwMyZ+BvK2t5SBjTCktECyqewTvDyRxwUdj/Tss0mGGMKT:u30JB58TnMys5iBj4CtpyFvss0mxMQ
Score

10^/10

blackmoon banker trojan
- Blackmoon, KrBanker
  Blackmoon also known as KrBanker is banking trojan first discovered in early 2014.
  trojan banker blackmoon
- Detect Blackmoon payload
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

blackmoonbankertrojan

behavioral2

blackmoonbankertrojan

© 2018-2024

Terms | Privacy