blackmoon | a3eeb2c9e1b3316c111fb16cd90a15892cc12dc624086c150cac38c2207a4196 | Triage

Submit
Reports

Overview

overview

Static

static

3

a3eeb2c9e1...96.exe

windows7-x64

a3eeb2c9e1...96.exe

windows10-2004-x64

Sharing

General

Target

a3eeb2c9e1b3316c111fb16cd90a15892cc12dc624086c150cac38c2207a4196
Size

720KB
Sample

240521-ck88gaef86
MD5

1d9d9aa32d416ce746d74f43a4e4c076
SHA1

312271f391852e9921612b02670212b36d185480
SHA256

a3eeb2c9e1b3316c111fb16cd90a15892cc12dc624086c150cac38c2207a4196
SHA512

d265092d5ffd31d03724d39bd5c3cdf7b40813650b6d39744ed57d277d73ac8775ed525814a76a85db80da37e609d70a4e91b8bbfcda8c4b5e5a3053bcb85ac0
SSDEEP

12288:n3C9yMo+S0L9xRnoq7H9xqYL5oeEF5rna9sUxg7udOxPJVSjYg8lcmJ1MZxEkTsF:SgD4bhoqLDqYLS7w4h

Score

10^/10

blackmoon banker trojan upx

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

a3eeb2c9e1b3316c111fb16cd90a15892cc12dc624086c150cac38c2207a4196.exe

Resource

win7-20240508-en

blackmoon banker trojan upx

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

a3eeb2c9e1b3316c111fb16cd90a15892cc12dc624086c150cac38c2207a4196.exe

Resource

win10v2004-20240426-en

blackmoon banker trojan upx

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Targets

- Target
  
  a3eeb2c9e1b3316c111fb16cd90a15892cc12dc624086c150cac38c2207a4196
- Size
  
  720KB
- MD5
  
  1d9d9aa32d416ce746d74f43a4e4c076
- SHA1
  
  312271f391852e9921612b02670212b36d185480
- SHA256
  
  a3eeb2c9e1b3316c111fb16cd90a15892cc12dc624086c150cac38c2207a4196
- SHA512
  
  d265092d5ffd31d03724d39bd5c3cdf7b40813650b6d39744ed57d277d73ac8775ed525814a76a85db80da37e609d70a4e91b8bbfcda8c4b5e5a3053bcb85ac0
- SSDEEP
  
  12288:n3C9yMo+S0L9xRnoq7H9xqYL5oeEF5rna9sUxg7udOxPJVSjYg8lcmJ1MZxEkTsF:SgD4bhoqLDqYLS7w4h
Score

10^/10

blackmoon banker trojan upx
- Blackmoon, KrBanker
  Blackmoon also known as KrBanker is banking trojan first discovered in early 2014.
  trojan banker blackmoon
- Detect Blackmoon payload
- UPX dump on OEP (original entry point)
- Executes dropped EXE
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

blackmoonbankertrojanupx

behavioral2

blackmoonbankertrojanupx

© 2018-2024

Terms | Privacy