Analysis
-
max time kernel
142s -
max time network
125s -
platform
windows7_x64 -
resource
win7-20231215-en -
resource tags
-
submitted
12-02-2024 18:35
General
-
Target
Trainer.exe
-
Size
566KB
-
MD5
e37bf3eed1c3bbb23271d1ca91ccfa5e
-
SHA1
a22860c22e04b788a5e5060ab0ac55569ea9c9cb
-
SHA256
bc73fe503dfded3413f4afbdca39dbcf1b3d96d325292e828772a35d6f3fa097
-
SHA512
af08cad7fc1903c7f7192e951d8ebf89c6c277ef64cf989e7242fe621e889142dfdb64d48bab72484a582431dadb8ead1aa9e44c84aadb45d649fec766524e16
-
SSDEEP
12288:kmzFRuXZvJuVdMQOAQjgJr4EjWYp8E5quiDS8zLKVwM3tTyHUerR:xzFk1J0daATrTL8Eo3DSOL6wM3Vf
Score
10/10
Malware Config
Signatures
-
Blackmoon, KrBanker
Blackmoon also known as KrBanker is banking trojan first discovered in early 2014.
-
Detect Blackmoon payload 4 IoCs
-
Suspicious use of AdjustPrivilegeToken 1 IoCs
-
Suspicious use of FindShellTrayWindow 1 IoCs
-
Suspicious use of SendNotifyMessage 1 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\Trainer.exe"C:\Users\Admin\AppData\Local\Temp\Trainer.exe"1⤵
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
2.7MB
-
Filesize
2.7MB
-
Filesize
2.7MB
-
Filesize
2.0MB
-
Filesize
2.0MB
-
Filesize
2.7MB
-
Filesize
2.0MB
-
Filesize
2.7MB