blackmoon | a38d5346d345fc6c2654281bd517e787180472b6cc5154fd97624c03040c9557 | Triage

Submit
Reports

Overview

overview

Static

static

NEAS.73ec5...50.exe

windows7-x64

NEAS.73ec5...50.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.73ec55003c9cfcffe7abb285a979b150.exe
Size

374KB
Sample

231031-kvdhjscf2w
MD5

73ec55003c9cfcffe7abb285a979b150
SHA1

dd6366166922e4a7656271ebc8793b3edcf664f7
SHA256

a38d5346d345fc6c2654281bd517e787180472b6cc5154fd97624c03040c9557
SHA512

f4cc5672d5d66b4fbaaf001990747a0df64cbcfa9d52756c728f672f639da5b5fd6d868dc0e9de91475129ecbed857da150abc76ee965f8a1301a59a8a4a8cd3
SSDEEP

3072:hZ+srvy+8+ANlhKeNPBJraHIL1c0gxQD9aXjsaouRIXMz+rpGbnb2HJ9+UuBx8t:hZrK+r+l0eNPBJrOxQD90saoTXrGsvgS

Score

10^/10

blackmoon banker trojan

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

NEAS.73ec55003c9cfcffe7abb285a979b150.exe

Resource

win7-20231023-en

blackmoon banker trojan

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

NEAS.73ec55003c9cfcffe7abb285a979b150.exe

Resource

win10v2004-20231023-en

blackmoon banker trojan

windows10-2004-x64

8 signatures

150 seconds

Malware Config

Targets

- Target
  
  NEAS.73ec55003c9cfcffe7abb285a979b150.exe
- Size
  
  374KB
- MD5
  
  73ec55003c9cfcffe7abb285a979b150
- SHA1
  
  dd6366166922e4a7656271ebc8793b3edcf664f7
- SHA256
  
  a38d5346d345fc6c2654281bd517e787180472b6cc5154fd97624c03040c9557
- SHA512
  
  f4cc5672d5d66b4fbaaf001990747a0df64cbcfa9d52756c728f672f639da5b5fd6d868dc0e9de91475129ecbed857da150abc76ee965f8a1301a59a8a4a8cd3
- SSDEEP
  
  3072:hZ+srvy+8+ANlhKeNPBJraHIL1c0gxQD9aXjsaouRIXMz+rpGbnb2HJ9+UuBx8t:hZrK+r+l0eNPBJrOxQD90saoTXrGsvgS
Score

10^/10

blackmoon banker trojan
- Blackmoon, KrBanker
  Blackmoon also known as KrBanker is banking trojan first discovered in early 2014.
  trojan banker blackmoon
- Detect Blackmoon payload
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

blackmoonbankertrojan

behavioral2

blackmoonbankertrojan

© 2018-2025

Terms | Privacy