Overview

overview

10

Static

static

3

3b461acf13...b6.exe

windows7-x64

10

3b461acf13...b6.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    150s
  • max time network
    153s
  • platform
    windows7_x64
  • resource
    win7-20230712-en
  • resource tags

    arch:x64arch:x86image:win7-20230712-enlocale:en-usos:windows7-x64system
  • submitted
    26-08-2023 11:40

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    3b461acf1399af3466bd537ab783fcc7b7dad49194d1d80f31280bbf05b5a9b6.exe

  • Size

    2.8MB

  • MD5

    64bd550367076171969c26b95cb88964

  • SHA1

    b66d0b28c0b892a459c92359cf6f51e225921adb

  • SHA256

    3b461acf1399af3466bd537ab783fcc7b7dad49194d1d80f31280bbf05b5a9b6

  • SHA512

    ffb95584c47acabe77629d5865a91bcfa1dd0b52311cf2383b4f3f655c478d1cb921369e8f7775468ec282039d1e7af8415f61d66b8637eac9d35d371a88b85d

  • SSDEEP

    49152:QLB2daPATdfrD53oh3MztlMqueJqc8hXXZfJAkzcpow82WDjMK17cBFAnSh:2ATdfrDNztlMqucB8htJWpu22IRBSnS

Score
10/10
blackmoonbankertrojan

Malware Config

Signatures

  • Blackmoon, KrBanker

    Blackmoon also known as KrBanker is banking trojan first discovered in early 2014.

    trojanbankerblackmoon
  • Detect Blackmoon payload 1 IoCs
  • Loads dropped DLL 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\3b461acf1399af3466bd537ab783fcc7b7dad49194d1d80f31280bbf05b5a9b6.exe
    "C:\Users\Admin\AppData\Local\Temp\3b461acf1399af3466bd537ab783fcc7b7dad49194d1d80f31280bbf05b5a9b6.exe"
    1⤵
    • Loads dropped DLL
    PID:2376

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\U6AGJ71Z\YX3F9MIH.htm
    Filesize

    378KB

    MD5

    90e4abefd5b9f4025a3f590d663c2888

    SHA1

    729488230f9a3eb3f63df28d361fbe91596bc0ad

    SHA256

    d7efd26ec049d0bd1c3bdd8718ce27bb0aa29ba8fe66da038433a4c097a0e1c9

    SHA512

    b29d07f277a2a28d20c151d094a516d34d218bad85570acbbadf05fba2689c70fc8990275e259fec0e483332a29d99100a3251003bf65bf2f480206c9f4aee06

    Download Submit

  • \Users\Public\Videos\study88\1.dll
    Filesize

    1.9MB

    MD5

    efb4f7f2c29f4b812ec344782c751ead

    SHA1

    84e6ec5323d1c535dcf4c7bbdde259a9847eee39

    SHA256

    d48fb613b4336547f5925f88ffd5de78bb36974634aad096deeb5af4be1b96c6

    SHA512

    dc85c2005c84da617bf2280471db7afb4e4bb3f85aa885136b6daf14041ee6d0dd4afd043ac1d16e4b14eddc05ad93aa8e2dec55d1e8e22e05427666cfb2c4c4

    Download Submit

  • \Users\Public\Videos\study88\2.dll
    Filesize

    376KB

    MD5

    0b45733acac1dc11854ad2c2ae8e2dff

    SHA1

    43a2dcdd17f30715608ce31c9b5c58fc736b7ab3

    SHA256

    f886e88304366b83e33bbee8701dede0778e95bc1602fb2a789259aaf2804a2d

    SHA512

    9fbf46e28b5e32b340ea20807a29f9f27d03ab688bb4f036e1ee79de6fbfb8a2c8af6b09554aeb60567ca258d59129dfbba609e6c2bb71aca2537d32457d029a

    Download Submit