Overview

overview

10

Static

static

3

663c268cd3...86.exe

windows7-x64

10

663c268cd3...86.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    151s
  • max time network
    155s
  • platform
    windows7_x64
  • resource
    win7-20230831-en
  • resource tags

    arch:x64arch:x86image:win7-20230831-enlocale:en-usos:windows7-x64system
  • submitted
    14-10-2023 07:08

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    663c268cd3374a490df4a3ffbc8b86ff60636241176922e1c57c803b1c704486.exe

  • Size

    2.9MB

  • MD5

    1749e6d622c6aeb2458460f8b0c69b92

  • SHA1

    8f8e506e7a93bc812f95ecde21a9765a81f722f4

  • SHA256

    663c268cd3374a490df4a3ffbc8b86ff60636241176922e1c57c803b1c704486

  • SHA512

    246bddeae3660b365d615e740e54010c629afeab6bf3be5be16485bfe1280f03c392c6e47c8006569752769c28d6c7c2f370f144382cc55c31969e7ead38f3da

  • SSDEEP

    49152:N3m3gf2ujdFMztlMqueJqc8hXXZfJAkzcpow82WDjMK17cBxpcSMqDDXir:V2ugztlMqucB8htJWpu22IRB7cMq

Score
10/10
blackmoonbankertrojan

Malware Config

Signatures

  • Blackmoon, KrBanker

    Blackmoon also known as KrBanker is banking trojan first discovered in early 2014.

    trojanbankerblackmoon
  • Detect Blackmoon payload 1 IoCs
  • Loads dropped DLL 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\663c268cd3374a490df4a3ffbc8b86ff60636241176922e1c57c803b1c704486.exe
    "C:\Users\Admin\AppData\Local\Temp\663c268cd3374a490df4a3ffbc8b86ff60636241176922e1c57c803b1c704486.exe"
    1⤵
    • Loads dropped DLL
    PID:2260

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\C4I18IP7\XS5G1KZR.htm
    Filesize

    390KB

    MD5

    0c28eed893137486fb8ebeda567e4e52

    SHA1

    befc6765186367dbbf709af9d47f7d570e857cc7

    SHA256

    76c7d945310d8774b13d3bb10b0e598d00959b2ca904772247cc31f14915db12

    SHA512

    b1d94ae97f4cd4f33de79e595952c81b8b12f7c67b6de76a13803fc478c085df6156c85e019d4c1c4d4ad0914ce84c4ed9541a54dbb945da079df0a7c1c2ef9d

    Download Submit

  • \Users\Public\Videos\study49\1.dll
    Filesize

    1.9MB

    MD5

    efb4f7f2c29f4b812ec344782c751ead

    SHA1

    84e6ec5323d1c535dcf4c7bbdde259a9847eee39

    SHA256

    d48fb613b4336547f5925f88ffd5de78bb36974634aad096deeb5af4be1b96c6

    SHA512

    dc85c2005c84da617bf2280471db7afb4e4bb3f85aa885136b6daf14041ee6d0dd4afd043ac1d16e4b14eddc05ad93aa8e2dec55d1e8e22e05427666cfb2c4c4

    Download Submit

  • \Users\Public\Videos\study49\2.dll
    Filesize

    536KB

    MD5

    f0061ca563185435fa16e68778eefd1a

    SHA1

    18c0805495299f504826028981892e7b0a2c66a4

    SHA256

    20d10473ba9b1ec0bb5fd21e663a0cc9fbeb618efbc1550f6540a58af10a7220

    SHA512

    7913f9fdd61a963d2362bf2df21c7fa5ab8e92e0422b70871307aa3128839f4d2608025b686688b65a9deb014f1462bb80aba84b1ee192f4639fbc1b582773bf

    Download Submit