blackmoon | 35d7ac5d77d7cc72e7296d62341cc5a27bb280795ab49f24325eb83c6502e1dc | Triage

Submit
Reports

Overview

overview

Static

static

3

35d7ac5d77...dc.exe

windows7-x64

35d7ac5d77...dc.exe

windows10-2004-x64

Sharing

General

Target

35d7ac5d77d7cc72e7296d62341cc5a27bb280795ab49f24325eb83c6502e1dc
Size

204KB
Sample

240418-zcvfnseb95
MD5

96527df3b518041611d3218d2db3b6e1
SHA1

9a450992cda56c5439d381cb9abee25e0276125f
SHA256

35d7ac5d77d7cc72e7296d62341cc5a27bb280795ab49f24325eb83c6502e1dc
SHA512

d849964500b17f1c49c88dae8974dff336c4c680083a1250e495ef1e9b41d595be90a1923c960d93d515db1ed00d4bc93979c926ca208454428d26ff6e8ed223
SSDEEP

1536:PvQBeOGtrYSSsrc93UBIfdC67m6AJiqgT4+C2HVM1p6TQpCi6:PhOm2sI93UufdC67ciJTU2HVS646

Score

10^/10

blackmoon banker trojan upx

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

35d7ac5d77d7cc72e7296d62341cc5a27bb280795ab49f24325eb83c6502e1dc.exe

Resource

win7-20240221-en

blackmoon banker trojan upx

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

35d7ac5d77d7cc72e7296d62341cc5a27bb280795ab49f24325eb83c6502e1dc.exe

Resource

win10v2004-20240412-en

blackmoon banker trojan upx

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Targets

- Target
  
  35d7ac5d77d7cc72e7296d62341cc5a27bb280795ab49f24325eb83c6502e1dc
- Size
  
  204KB
- MD5
  
  96527df3b518041611d3218d2db3b6e1
- SHA1
  
  9a450992cda56c5439d381cb9abee25e0276125f
- SHA256
  
  35d7ac5d77d7cc72e7296d62341cc5a27bb280795ab49f24325eb83c6502e1dc
- SHA512
  
  d849964500b17f1c49c88dae8974dff336c4c680083a1250e495ef1e9b41d595be90a1923c960d93d515db1ed00d4bc93979c926ca208454428d26ff6e8ed223
- SSDEEP
  
  1536:PvQBeOGtrYSSsrc93UBIfdC67m6AJiqgT4+C2HVM1p6TQpCi6:PhOm2sI93UufdC67ciJTU2HVS646
Score

10^/10

blackmoon banker trojan upx
- Blackmoon, KrBanker
  Blackmoon also known as KrBanker is banking trojan first discovered in early 2014.
  trojan banker blackmoon
- Detect Blackmoon payload
- UPX dump on OEP (original entry point)
- Executes dropped EXE
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

blackmoonbankertrojanupx

behavioral2

blackmoonbankertrojanupx

© 2018-2024

Terms | Privacy