General

  • Target

    ba75424ad79b17e86cf8fc39cca11470_exe32.exe

  • Size

    61KB

  • Sample

    231015-yfs7caga75

  • MD5

    ba75424ad79b17e86cf8fc39cca11470

  • SHA1

    304961b1a7ea87c3dcb416262c56acb783fc6a44

  • SHA256

    6679528b646062f450bd849ac5157037ef29ffb414f3061cfd0b2d666885cd31

  • SHA512

    b33a0d93cf6c753133dbafbdad4d2c411be79864dd73b6e454b661b3d8279a437c51ceda29cf6d3d6e719855ffc1d1d8c3db07db410f44db732d99a116b09729

  • SSDEEP

    1536:/vQBeOGtrYS3srx93UBWfwC6Ggnouy8jb5DiyC:/hOmTsF93UYfwC6GIoutY

Targets

    • Target

      ba75424ad79b17e86cf8fc39cca11470_exe32.exe

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
