Analysis

  • max time kernel
    26s
  • max time network
    29s
  • platform
    windows7_x64
  • resource
    win7-20230621-en
  • resource tags

    arch:x64 arch:x86 image:win7-20230621-en locale:en-us os:windows7-x64 system
  • submitted
    29-06-2023 20:39

General

  • Target

    82151abe9fbda4bf09c23ed946fd56d6af7c4582ce49b9a2884b71780169abc6.exe

  • Size

    476KB

  • MD5

    f1eed8c9913ba48d51b9c03e75e155f0

  • SHA1

    79bf7476a9f3ba427445cb27613a44a2e4b3cb7d

  • SHA256

    82151abe9fbda4bf09c23ed946fd56d6af7c4582ce49b9a2884b71780169abc6

  • SHA512

    d55e09caf26b67ed3cd53f751c314e7295b0dd70fb4c04011b923172651ad19173a1f45b789f3fa76d7ba27272f10f745db162f254ef783b480f2b2b158664bf

  • SSDEEP

    12288:64hsx/Zi0qBgAqEiRKI9A4C5CCC1CCCCXCCCCCwCCCCCCNCCCCCCCxCCCCCCCC5G:dOhi0qj

Score
10/10

Malware Config

Signatures

  • Blackmoon, KrBanker

    Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

  • Detect Blackmoon payload (4 IoCs)

Processes

  • C:\Users\Admin\AppData\Local\Temp\82151abe9fbda4bf09c23ed946fd56d6af7c4582ce49b9a2884b71780169abc6.exe
    "C:\Users\Admin\AppData\Local\Temp\82151abe9fbda4bf09c23ed946fd56d6af7c4582ce49b9a2884b71780169abc6.exe"
    1⤵
      PID:1728

    Network

    MITRE ATT&CK Matrix

    Downloads

    • memory/1728-54-0x0000000000400000-0x00000000004F6000-memory.dmp
      Filesize

      984KB

    • memory/1728-55-0x0000000000400000-0x00000000004F6000-memory.dmp
      Filesize

      984KB

    • memory/1728-56-0x0000000000400000-0x00000000004F6000-memory.dmp
      Filesize

      984KB

    • memory/1728-57-0x0000000000400000-0x00000000004F6000-memory.dmp
      Filesize

      984KB