Overview

overview

10

Static

static

7

c05070b99a...5c.exe

windows7-x64

10

c05070b99a...5c.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    c05070b99a62e2e8b8ae7a73cde33b6880711f0b5dac380710b35f632adf245c

  • Size

    15.6MB

  • Sample

    231009-xa6d2shf23

  • MD5

    a0baacbcf9d29230b71b8ba73e81d745

  • SHA1

    8a6da2b6c687e40dc806a5012b6ee931269474c7

  • SHA256

    c05070b99a62e2e8b8ae7a73cde33b6880711f0b5dac380710b35f632adf245c

  • SHA512

    c682a3f9fdc78f8bfeed1ba058a8da9f3c51860091d536b2dbdc4e64a9a2436f3b87480cfa85e3a1dc830d69421cdda5fe3e1e478933e0c6fa098004d8fdfd01

  • SSDEEP

    393216:hjfbaIzUrpuF1vNYLdU6sff/cVaBqMWaoXzsj:hjfbfIrpuFxSlsff2aBhWls

Score
10/10
blackmoonbankertrojanvmprotect

Malware Config

Targets

    • Target

      c05070b99a62e2e8b8ae7a73cde33b6880711f0b5dac380710b35f632adf245c

    • Size

      15.6MB

    • MD5

      a0baacbcf9d29230b71b8ba73e81d745

    • SHA1

      8a6da2b6c687e40dc806a5012b6ee931269474c7

    • SHA256

      c05070b99a62e2e8b8ae7a73cde33b6880711f0b5dac380710b35f632adf245c

    • SHA512

      c682a3f9fdc78f8bfeed1ba058a8da9f3c51860091d536b2dbdc4e64a9a2436f3b87480cfa85e3a1dc830d69421cdda5fe3e1e478933e0c6fa098004d8fdfd01

    • SSDEEP

      393216:hjfbaIzUrpuF1vNYLdU6sff/cVaBqMWaoXzsj:hjfbfIrpuFxSlsff2aBhWls

    Score
    10/10
    blackmoonbankertrojanvmprotect

    • Blackmoon, KrBanker

      Blackmoon also known as KrBanker is banking trojan first discovered in early 2014.

      trojanbankerblackmoon

    • Detect Blackmoon payload

    • VMProtect packed file

      Detects executables packed with VMProtect commercial packer.

      vmprotect
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks