blackmoon | cc58f4229ed64e725a4d8211b24daeed1146a916afed462a5250f4904b92324f | Triage

Submit
Reports

Overview

overview

Static

static

cc58f4229e...4f.exe

windows7-x64

cc58f4229e...4f.exe

windows10-2004-x64

Sharing

General

Target

cc58f4229ed64e725a4d8211b24daeed1146a916afed462a5250f4904b92324f
Size

380KB
Sample

240520-dcpdrsha2x
MD5

7fca2709f21b8e5dab89534cbe17d198
SHA1

31906d05b0163b8fe6396867ff250038d15c912a
SHA256

cc58f4229ed64e725a4d8211b24daeed1146a916afed462a5250f4904b92324f
SHA512

1f495fafb84c0149b192337784eed76d7fda3f62cb36eca59d75120fa273438e49ad31c35a4500e1c1ed10468bf3e788c49448ce5ac25a5f24bb32d3dda87623
SSDEEP

6144:Ocm4FmowdHoSsm4FIc1/cm4FmowdHoSsiNlcJcmHYC9/jvvfwL+TLPfSRcm4FVoh:w4wFHoSl4h4wFHoS24yTgL+zfu4/FHoZ

Score

10^/10

blackmoon banker trojan upx

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

cc58f4229ed64e725a4d8211b24daeed1146a916afed462a5250f4904b92324f.exe

Resource

win7-20240221-en

blackmoon banker trojan upx

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

cc58f4229ed64e725a4d8211b24daeed1146a916afed462a5250f4904b92324f.exe

Resource

win10v2004-20240426-en

blackmoon banker trojan upx

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Targets

- Target
  
  cc58f4229ed64e725a4d8211b24daeed1146a916afed462a5250f4904b92324f
- Size
  
  380KB
- MD5
  
  7fca2709f21b8e5dab89534cbe17d198
- SHA1
  
  31906d05b0163b8fe6396867ff250038d15c912a
- SHA256
  
  cc58f4229ed64e725a4d8211b24daeed1146a916afed462a5250f4904b92324f
- SHA512
  
  1f495fafb84c0149b192337784eed76d7fda3f62cb36eca59d75120fa273438e49ad31c35a4500e1c1ed10468bf3e788c49448ce5ac25a5f24bb32d3dda87623
- SSDEEP
  
  6144:Ocm4FmowdHoSsm4FIc1/cm4FmowdHoSsiNlcJcmHYC9/jvvfwL+TLPfSRcm4FVoh:w4wFHoSl4h4wFHoS24yTgL+zfu4/FHoZ
Score

10^/10

blackmoon banker trojan upx
- Blackmoon, KrBanker
  Blackmoon also known as KrBanker is banking trojan first discovered in early 2014.
  trojan banker blackmoon
- Detect Blackmoon payload
- UPX dump on OEP (original entry point)
- Executes dropped EXE
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

blackmoonbankertrojanupx

behavioral2

blackmoonbankertrojanupx

© 2018-2024

Terms | Privacy