blackmoon | d67dd66d7f97cca8e9091c6f59e8bc9b4973d73df1f5fdc13fd7e68211679d32 | Triage

Submit
Reports

Overview

overview

Static

static

179a3747b8...cs.exe

windows7-x64

179a3747b8...cs.exe

windows10-2004-x64

Sharing

General

Target

179a3747b82b58a9c3589974e145adf0_NeikiAnalytics.exe
Size

440KB
Sample

240519-xaldwaca37
MD5

179a3747b82b58a9c3589974e145adf0
SHA1

80af51f31d6492945a846bd19f773005717f5c2c
SHA256

d67dd66d7f97cca8e9091c6f59e8bc9b4973d73df1f5fdc13fd7e68211679d32
SHA512

09aff14d940db5c491bba80e46f93ba2251505c092eb8b915f6da1b0b7d81b39a81041cfbe8e5685bf500460f15ebbbd777864f84869d6242b17b1ced4721fe2
SSDEEP

6144:xozXQKqfmiiyWwuiFOLeyOV0R7YRXxMSaAt:xgXQKSLpOCtV0R8xMSaAt

Score

10^/10

blackmoon banker trojan

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

179a3747b82b58a9c3589974e145adf0_NeikiAnalytics.exe

Resource

win7-20240221-en

blackmoon banker trojan

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

179a3747b82b58a9c3589974e145adf0_NeikiAnalytics.exe

Resource

win10v2004-20240426-en

blackmoon banker trojan

windows10-2004-x64

8 signatures

150 seconds

Malware Config

Targets

- Target
  
  179a3747b82b58a9c3589974e145adf0_NeikiAnalytics.exe
- Size
  
  440KB
- MD5
  
  179a3747b82b58a9c3589974e145adf0
- SHA1
  
  80af51f31d6492945a846bd19f773005717f5c2c
- SHA256
  
  d67dd66d7f97cca8e9091c6f59e8bc9b4973d73df1f5fdc13fd7e68211679d32
- SHA512
  
  09aff14d940db5c491bba80e46f93ba2251505c092eb8b915f6da1b0b7d81b39a81041cfbe8e5685bf500460f15ebbbd777864f84869d6242b17b1ced4721fe2
- SSDEEP
  
  6144:xozXQKqfmiiyWwuiFOLeyOV0R7YRXxMSaAt:xgXQKSLpOCtV0R8xMSaAt
Score

10^/10

blackmoon banker trojan
- Blackmoon, KrBanker
  Blackmoon also known as KrBanker is banking trojan first discovered in early 2014.
  trojan banker blackmoon
- Detect Blackmoon payload
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

blackmoonbankertrojan

behavioral2

blackmoonbankertrojan

© 2018-2024

Terms | Privacy