blackmoon | 4bbf96786582defbde572b0ba76fcd5b39e1763e3abcee6114fedd4fd80a08c4 | Triage

Submit
Reports

Overview

overview

Static

static

3

Anydsk.exe

windows7-x64

Anydsk.exe

windows10-2004-x64

Sharing

General

Target

Anydsk.exe
Size

108.7MB
Sample

231211-nk1rwaegb3
MD5

18e74ae1487869042fb39721dca8b985
SHA1

6cfeebd522e410cfa3d3c5420f821f089f190b00
SHA256

4bbf96786582defbde572b0ba76fcd5b39e1763e3abcee6114fedd4fd80a08c4
SHA512

c57bf7cd4ea62850ea2f0bd53b3005c1ae1922c71068874205686db49900ad5dc4a6cac04a1502855279c305e6dd442315da11c114eb32ea35e93d1af4230cd7
SSDEEP

3145728:lBRPGw3RTT5Ej+1ejKQCF8VRrO97CUowYIw9f:l5tCj+AjK7FYu7Cymf

Score

10^/10

blackmoon banker trojan upx

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

Anydsk.exe

Resource

win7-20231201-en

blackmoon banker trojan upx

windows7-x64

13 signatures

150 seconds

Behavioral task

behavioral2

Sample

Anydsk.exe

Resource

win10v2004-20231201-en

blackmoon banker trojan upx

windows10-2004-x64

12 signatures

150 seconds

Malware Config

Targets

- Target
  
  Anydsk.exe
- Size
  
  108.7MB
- MD5
  
  18e74ae1487869042fb39721dca8b985
- SHA1
  
  6cfeebd522e410cfa3d3c5420f821f089f190b00
- SHA256
  
  4bbf96786582defbde572b0ba76fcd5b39e1763e3abcee6114fedd4fd80a08c4
- SHA512
  
  c57bf7cd4ea62850ea2f0bd53b3005c1ae1922c71068874205686db49900ad5dc4a6cac04a1502855279c305e6dd442315da11c114eb32ea35e93d1af4230cd7
- SSDEEP
  
  3145728:lBRPGw3RTT5Ej+1ejKQCF8VRrO97CUowYIw9f:l5tCj+AjK7FYu7Cymf
Score

10^/10

blackmoon banker trojan upx
- Blackmoon, KrBanker
  Blackmoon also known as KrBanker is banking trojan first discovered in early 2014.
  trojan banker blackmoon
- Detect Blackmoon payload
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

blackmoonbankertrojanupx

behavioral2

blackmoonbankertrojanupx

© 2018-2024

Terms | Privacy