blackmoon | 49542eb526c2ac638b6b98b78156aeee0096dfd3e1a868b9c05aaab22d722b1e | Triage

Submit
Reports

Overview

overview

Static

static

49542eb526...1e.exe

windows7-x64

49542eb526...1e.exe

windows10-2004-x64

Sharing

General

Target

49542eb526c2ac638b6b98b78156aeee0096dfd3e1a868b9c05aaab22d722b1e
Size

160KB
Sample

240418-1a4r1afd24
MD5

33c1442d6f00eba2ed053b6276fb833e
SHA1

80f67b704b9166eaee347d90be86eac35c60499a
SHA256

49542eb526c2ac638b6b98b78156aeee0096dfd3e1a868b9c05aaab22d722b1e
SHA512

e425b0b7a4cdce4d06b8416ad4e3de1588fdb4a668730d1a530db794e9ead1f2386b5587af1c806bb046618ebf1e96eb4a91aa10ba58d58aa88d2ce97d4bd6b0
SSDEEP

3072:xhOmTsF93UYfwC6GIout0fmCiiiXAQ5lpBoGYwNNhu0CzhKPDNuBL:xcm4FmowdHoSgWrXF5lpKGYV0wh6D0

Score

10^/10

blackmoon banker trojan upx

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

49542eb526c2ac638b6b98b78156aeee0096dfd3e1a868b9c05aaab22d722b1e.exe

Resource

win7-20240319-en

blackmoon banker trojan upx

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

49542eb526c2ac638b6b98b78156aeee0096dfd3e1a868b9c05aaab22d722b1e.exe

Resource

win10v2004-20240412-en

blackmoon banker trojan upx

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Targets

- Target
  
  49542eb526c2ac638b6b98b78156aeee0096dfd3e1a868b9c05aaab22d722b1e
- Size
  
  160KB
- MD5
  
  33c1442d6f00eba2ed053b6276fb833e
- SHA1
  
  80f67b704b9166eaee347d90be86eac35c60499a
- SHA256
  
  49542eb526c2ac638b6b98b78156aeee0096dfd3e1a868b9c05aaab22d722b1e
- SHA512
  
  e425b0b7a4cdce4d06b8416ad4e3de1588fdb4a668730d1a530db794e9ead1f2386b5587af1c806bb046618ebf1e96eb4a91aa10ba58d58aa88d2ce97d4bd6b0
- SSDEEP
  
  3072:xhOmTsF93UYfwC6GIout0fmCiiiXAQ5lpBoGYwNNhu0CzhKPDNuBL:xcm4FmowdHoSgWrXF5lpKGYV0wh6D0
Score

10^/10

blackmoon banker trojan upx
- Blackmoon, KrBanker
  Blackmoon also known as KrBanker is banking trojan first discovered in early 2014.
  trojan banker blackmoon
- Detect Blackmoon payload
- UPX dump on OEP (original entry point)
- Executes dropped EXE
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

blackmoonbankertrojanupx

behavioral2

blackmoonbankertrojanupx

© 2018-2024

Terms | Privacy