blackmoon | c6d139a695d9529c634b1dbe018d0d29b87751a566e2b7f68c9acbc0f86e5a80 | Triage

Submit
Reports

Overview

overview

Static

static

c6d139a695...80.exe

windows7-x64

c6d139a695...80.exe

windows10-2004-x64

Sharing

General

Target

c6d139a695d9529c634b1dbe018d0d29b87751a566e2b7f68c9acbc0f86e5a80
Size

440KB
Sample

240522-h3qfzagb2s
MD5

8b53bc41a4643fe72619ddcb8f25ed9d
SHA1

efecc4025310aba83a59fe6ccc5494d400519429
SHA256

c6d139a695d9529c634b1dbe018d0d29b87751a566e2b7f68c9acbc0f86e5a80
SHA512

4d95ba4c7ba64aaef06104f8ce8b890f71b64af0c29d44585ad84a8596bea412491d77854564783c50ea58351b32010b110876aafab2781f1cf6d25bdb0616d7
SSDEEP

12288:w4wFHoS9KxbNnidEhjEJd1kNpeUgI95yRoZHVaoJMOxFXnRV4PiGO0hUmH91:kKxbNndhjEJd1kNpeUgI95yRoZHgoJMJ

Score

10^/10

blackmoon banker trojan upx

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

c6d139a695d9529c634b1dbe018d0d29b87751a566e2b7f68c9acbc0f86e5a80.exe

Resource

win7-20240508-en

blackmoon banker trojan upx

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

c6d139a695d9529c634b1dbe018d0d29b87751a566e2b7f68c9acbc0f86e5a80.exe

Resource

win10v2004-20240426-en

blackmoon banker trojan upx

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Targets

- Target
  
  c6d139a695d9529c634b1dbe018d0d29b87751a566e2b7f68c9acbc0f86e5a80
- Size
  
  440KB
- MD5
  
  8b53bc41a4643fe72619ddcb8f25ed9d
- SHA1
  
  efecc4025310aba83a59fe6ccc5494d400519429
- SHA256
  
  c6d139a695d9529c634b1dbe018d0d29b87751a566e2b7f68c9acbc0f86e5a80
- SHA512
  
  4d95ba4c7ba64aaef06104f8ce8b890f71b64af0c29d44585ad84a8596bea412491d77854564783c50ea58351b32010b110876aafab2781f1cf6d25bdb0616d7
- SSDEEP
  
  12288:w4wFHoS9KxbNnidEhjEJd1kNpeUgI95yRoZHVaoJMOxFXnRV4PiGO0hUmH91:kKxbNndhjEJd1kNpeUgI95yRoZHgoJMJ
Score

10^/10

blackmoon banker trojan upx
- Blackmoon, KrBanker
  Blackmoon also known as KrBanker is banking trojan first discovered in early 2014.
  trojan banker blackmoon
- Detect Blackmoon payload
- UPX dump on OEP (original entry point)
- Executes dropped EXE
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

blackmoonbankertrojanupx

behavioral2

blackmoonbankertrojanupx

© 2018-2024

Terms | Privacy