Overview

overview

10

Static

static

7

Steam�....2.exe

windows7-x64

10

Steam�....2.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    140s
  • max time network
    119s
  • platform
    windows7_x64
  • resource
    win7-20240215-en
  • resource tags

    arch:x64arch:x86image:win7-20240215-enlocale:en-usos:windows7-x64system
  • submitted
    29/04/2024, 06:54

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    Steam&ѡ񹤾V1.2.exe

  • Size

    541KB

  • MD5

    6d1a6d222769aeef4dad19282f9567a2

  • SHA1

    38621c1339fc473a68b5dac7983afb8ece9e3acc

  • SHA256

    050ad0301dc9a4983da715109c89efbb026b2cee000d8365ddf74cc03540b0ba

  • SHA512

    7a0523d5635d115339d15a6591d70ccb44400dcddf03711233b1a7b66dc2491f1a3c224e4eaaa7250ffe8073d82ff1a26e3278163a58cc6098c79696c02ecf8a

  • SSDEEP

    6144:GHJcAE1Gs/DnqbMxT3lEMLkbeh+WVVn7r5pvsgFZl+GIIIIIIIhIIIIIIIIIIIIH:GatTnqbqldLkbewch5Gi0

Score
10/10
blackmoonbankertrojanupx

Malware Config

Signatures

  • Blackmoon, KrBanker

    Blackmoon also known as KrBanker is banking trojan first discovered in early 2014.

    trojanbankerblackmoon
  • Detect Blackmoon payload 4 IoCs
  • UPX packed file 3 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx

Processes

  • C:\Users\Admin\AppData\Local\Temp\Steam&ѡ񹤾V1.2.exe
    "C:\Users\Admin\AppData\Local\Temp\Steam&ѡ񹤾V1.2.exe"
    1⤵
      PID:2896

    Network

          MITRE ATT&CK Matrix

          Replay Monitor

          Loading Replay Monitor...

          Downloads

          • memory/2896-1-0x0000000000400000-0x0000000000546000-memory.dmp

            Filesize

            1.3MB

            Download

          • memory/2896-0-0x0000000000400000-0x0000000000546000-memory.dmp

            Filesize

            1.3MB

            Download

          • memory/2896-2-0x0000000000400000-0x0000000000546000-memory.dmp

            Filesize

            1.3MB

            Download

          • memory/2896-3-0x0000000001DC0000-0x0000000001DF6000-memory.dmp

            Filesize

            216KB

            Download

          • memory/2896-4-0x0000000001F90000-0x0000000001FA3000-memory.dmp

            Filesize

            76KB

            Download

          • memory/2896-5-0x00000000027E0000-0x00000000027E1000-memory.dmp

            Filesize

            4KB

            Download

          • memory/2896-6-0x0000000002DD0000-0x0000000002DD1000-memory.dmp

            Filesize

            4KB

            Download

          • memory/2896-9-0x0000000002EA0000-0x0000000002EA1000-memory.dmp

            Filesize

            4KB

            Download

          • memory/2896-8-0x0000000002DF0000-0x0000000002DF1000-memory.dmp

            Filesize

            4KB

            Download

          • memory/2896-7-0x0000000002F00000-0x0000000002F01000-memory.dmp

            Filesize

            4KB

            Download

          • memory/2896-10-0x0000000001DC0000-0x0000000001DF6000-memory.dmp

            Filesize

            216KB

            Download

          • memory/2896-11-0x0000000001DC0000-0x0000000001DF6000-memory.dmp

            Filesize

            216KB

            Download

          • memory/2896-12-0x0000000000400000-0x0000000000546000-memory.dmp

            Filesize

            1.3MB

            Download

          • memory/2896-13-0x0000000001F90000-0x0000000001FA3000-memory.dmp

            Filesize

            76KB

            Download