General

  • Target

    28a1e046290f45815f164f70734ec3ebd94ae5a7326b9a1ec605e2241f02c8de.exe

  • Size

    63KB

  • Sample

    240522-pex98shg38

  • MD5

    28cd7d92c7c90c4c8516649545d2e440

  • SHA1

    95fb0e1fe12329b230d5cedc847b3a4abf0ab1a6

  • SHA256

    28a1e046290f45815f164f70734ec3ebd94ae5a7326b9a1ec605e2241f02c8de

  • SHA512

    6147087e1c00d4543f2d541b2ed8c4f543c37029eacf5ee4f110d9c921024c0b04980cc63b6073ca82dba07148c0f7c4cd64abc58f77034b0e99644d1e2c8f20

  • SSDEEP

    1536:9Q8hoOAesfYvcyjfS3H9yl8Q1pmdBcxedLxNDIb0z6Mu/ePS3AL:ymb3NkkiQ3mdBjFI46TQL

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
