blackmoon | 1fac6d6eab37951e543c90bf6ab38e91a95b648735f4f67148b4a39b64608872 | Triage

Submit
Reports

Overview

overview

Static

static

3

1fac6d6eab...72.exe

windows7-x64

1fac6d6eab...72.exe

windows10-2004-x64

Sharing

General

Target

1fac6d6eab37951e543c90bf6ab38e91a95b648735f4f67148b4a39b64608872
Size

267KB
Sample

240519-x569tsea4s
MD5

60480218bea373e87d32c24ced55e1cd
SHA1

fa533cd244be5e602cecf8829b962ebd9a58fe8f
SHA256

1fac6d6eab37951e543c90bf6ab38e91a95b648735f4f67148b4a39b64608872
SHA512

29f2f698dd0a42c3a507fd8f881ec3fc4171de6c1d42d698639095994a13e9ac6197cf2cd174446ceb51ba8d58e7306329a07aa1bc3f3cc46d7ea4fa078abdb5
SSDEEP

3072:ymb3NkkiQ3mdBjFIi/0RU6QeYQsm71vPmPzTkV2y/QTa9RBZydZbf83pnzgmmIMJ:n3C9BRIG0asYFm71mPfkVB8dKwaWZ

Score

10^/10

blackmoon banker trojan upx

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

1fac6d6eab37951e543c90bf6ab38e91a95b648735f4f67148b4a39b64608872.exe

Resource

win7-20231129-en

blackmoon banker trojan upx

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

1fac6d6eab37951e543c90bf6ab38e91a95b648735f4f67148b4a39b64608872.exe

Resource

win10v2004-20240508-en

blackmoon banker trojan upx

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Targets

- Target
  
  1fac6d6eab37951e543c90bf6ab38e91a95b648735f4f67148b4a39b64608872
- Size
  
  267KB
- MD5
  
  60480218bea373e87d32c24ced55e1cd
- SHA1
  
  fa533cd244be5e602cecf8829b962ebd9a58fe8f
- SHA256
  
  1fac6d6eab37951e543c90bf6ab38e91a95b648735f4f67148b4a39b64608872
- SHA512
  
  29f2f698dd0a42c3a507fd8f881ec3fc4171de6c1d42d698639095994a13e9ac6197cf2cd174446ceb51ba8d58e7306329a07aa1bc3f3cc46d7ea4fa078abdb5
- SSDEEP
  
  3072:ymb3NkkiQ3mdBjFIi/0RU6QeYQsm71vPmPzTkV2y/QTa9RBZydZbf83pnzgmmIMJ:n3C9BRIG0asYFm71mPfkVB8dKwaWZ
Score

10^/10

blackmoon banker trojan upx
- Blackmoon, KrBanker
  Blackmoon also known as KrBanker is banking trojan first discovered in early 2014.
  trojan banker blackmoon
- Detect Blackmoon payload
- UPX dump on OEP (original entry point)
- Executes dropped EXE
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

blackmoonbankertrojanupx

behavioral2

blackmoonbankertrojanupx

© 2018-2024

Terms | Privacy