blackmoon | c6182d452d5c16b91b7b9cf3d1a3fe94b862a6f8cda84da2f40fc1c6d5e58752 | Triage

Submit
Reports

Overview

overview

Static

static

3

c6182d452d...52.exe

windows7-x64

c6182d452d...52.exe

windows10-2004-x64

Sharing

General

Target

c6182d452d5c16b91b7b9cf3d1a3fe94b862a6f8cda84da2f40fc1c6d5e58752
Size

201KB
Sample

240521-ejd22sha81
MD5

87958467fd95415e22a861bfb6dd2ff2
SHA1

13f2798f747473f03488f114eb2ee6412e3067f3
SHA256

c6182d452d5c16b91b7b9cf3d1a3fe94b862a6f8cda84da2f40fc1c6d5e58752
SHA512

dcf365aa7be2c0851a938ea531e5282f6ee2f2b2aa83aeb39597b7b32255b46eb21c6554210327ac8bad12ff9edc3d52c4b485f9746b05efac05351e2b3c2dbf
SSDEEP

1536:PvQBeOGtrYSSsrc93UBIfdC67m6AJiqgT4+C2HVM1p6T7v:PhOm2sI93UufdC67ciJTU2HVS63v

Score

10^/10

blackmoon banker trojan upx

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

c6182d452d5c16b91b7b9cf3d1a3fe94b862a6f8cda84da2f40fc1c6d5e58752.exe

Resource

win7-20240221-en

blackmoon banker trojan upx

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

c6182d452d5c16b91b7b9cf3d1a3fe94b862a6f8cda84da2f40fc1c6d5e58752.exe

Resource

win10v2004-20240508-en

blackmoon banker trojan upx

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Targets

- Target
  
  c6182d452d5c16b91b7b9cf3d1a3fe94b862a6f8cda84da2f40fc1c6d5e58752
- Size
  
  201KB
- MD5
  
  87958467fd95415e22a861bfb6dd2ff2
- SHA1
  
  13f2798f747473f03488f114eb2ee6412e3067f3
- SHA256
  
  c6182d452d5c16b91b7b9cf3d1a3fe94b862a6f8cda84da2f40fc1c6d5e58752
- SHA512
  
  dcf365aa7be2c0851a938ea531e5282f6ee2f2b2aa83aeb39597b7b32255b46eb21c6554210327ac8bad12ff9edc3d52c4b485f9746b05efac05351e2b3c2dbf
- SSDEEP
  
  1536:PvQBeOGtrYSSsrc93UBIfdC67m6AJiqgT4+C2HVM1p6T7v:PhOm2sI93UufdC67ciJTU2HVS63v
Score

10^/10

blackmoon banker trojan upx
- Blackmoon, KrBanker
  Blackmoon also known as KrBanker is banking trojan first discovered in early 2014.
  trojan banker blackmoon
- Detect Blackmoon payload
- UPX dump on OEP (original entry point)
- Executes dropped EXE
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

blackmoonbankertrojanupx

behavioral2

blackmoonbankertrojanupx

© 2018-2024

Terms | Privacy