blackmoon | 4e9994410680adee57e5276a88a4cf1e0e7d01c0fecc55a54e9a45869e5bfcf1 | Triage

Submit
Reports

Overview

overview

Static

static

840990c302...f0.exe

windows7-x64

840990c302...f0.exe

windows10-2004-x64

Sharing

General

Target

e15275e55b641d2edfdaf980dbd28cda.bin
Size

15.2MB
Sample

230720-cn3j4acc68
MD5

e890932c7e02e59b9028c8a50e11fc7e
SHA1

d9a63d67b58d7f36f10dd51ff70f0c2ac66e9096
SHA256

4e9994410680adee57e5276a88a4cf1e0e7d01c0fecc55a54e9a45869e5bfcf1
SHA512

f7ad8faf2cbf9af58956b54141bc6e2680c602b3e77276d5f84f3693e7d556a94ba0d5358b63fc73e638ac787f07d15d3bdc47eb18e01308a1b5d11d44ef7a22
SSDEEP

393216:ITHy7cIt+8XUhB6RYKSpJ/7oACAxXlg9GiqqEt/wFj3zBh:Ijy7cS+B/pJDoo5lF6Et/wZzT

Score

10^/10

blackmoon banker trojan

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

840990c302bde9e128238314c8ffb9c64a7317b728d4ff577d5f089998b07cf0.exe

Resource

win7-20230712-en

blackmoon banker trojan

windows7-x64

11 signatures

150 seconds

Behavioral task

behavioral2

Sample

840990c302bde9e128238314c8ffb9c64a7317b728d4ff577d5f089998b07cf0.exe

Resource

win10v2004-20230703-en

blackmoon banker trojan

windows10-2004-x64

10 signatures

150 seconds

Malware Config

Targets

- Target
  
  840990c302bde9e128238314c8ffb9c64a7317b728d4ff577d5f089998b07cf0.bin
- Size
  
  18.5MB
- MD5
  
  e15275e55b641d2edfdaf980dbd28cda
- SHA1
  
  24865c4bf9793da9d22049208b5903396e6d3f57
- SHA256
  
  840990c302bde9e128238314c8ffb9c64a7317b728d4ff577d5f089998b07cf0
- SHA512
  
  39238e2547e652e2f690f0670d54e5cc7437db1f09219f75e3af73b4bf39c0fd5581fb03319f62460157a5433d9dcc2576398d8f364a92240fc68b723e6d9212
- SSDEEP
  
  196608:ex4YIeJVSmi93ZjDHTQnOFDKpxOET0hmk00nSJdziGYhU0jatCTNX+wnRtOMGi+W:ney3Hz8pxrT0kHJdqi0e81xRtOMP
Score

10^/10

blackmoon banker trojan
- Blackmoon, KrBanker
  Blackmoon also known as KrBanker is banking trojan first discovered in early 2014.
  trojan banker blackmoon
- Detect Blackmoon payload
- Executes dropped EXE
- Loads dropped DLL
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

blackmoonbankertrojan

behavioral2

blackmoonbankertrojan

© 2018-2024

Terms | Privacy