blackmoon | 68a744262f15853f21c5ac107b037102e914832861ae8f9f053b9de9ac048d47 | Triage

Submit
Reports

Overview

overview

Static

static

9f975a5f43...cs.exe

windows7-x64

9f975a5f43...cs.exe

windows10-2004-x64

Sharing

General

Target

9f975a5f43dfcfe20a12f62bc4052170_NeikiAnalytics.exe
Size

357KB
Sample

240523-21dtyacf76
MD5

9f975a5f43dfcfe20a12f62bc4052170
SHA1

c7bc077fc383b46f27dbc7bc6ede2685b714b24c
SHA256

68a744262f15853f21c5ac107b037102e914832861ae8f9f053b9de9ac048d47
SHA512

978cf07790ede37c70a95885c402fcc2d176d308ed256cfe015a62b5b312b1d104a910824984dfe47d9eb8a30a862666e87c8b8ec8ff1d2daeaedf9b65a2e440
SSDEEP

6144:mvk3Q5ibjnNuuXckaL7pbRBkce97aw/N4L7o4:mvMQ5ibjnwka3pbRC19Gw/Nso4

Score

10^/10

blackmoon banker trojan

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

9f975a5f43dfcfe20a12f62bc4052170_NeikiAnalytics.exe

Resource

win7-20240221-en

blackmoon banker trojan

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

9f975a5f43dfcfe20a12f62bc4052170_NeikiAnalytics.exe

Resource

win10v2004-20240426-en

blackmoon banker trojan

windows10-2004-x64

8 signatures

150 seconds

Malware Config

Targets

- Target
  
  9f975a5f43dfcfe20a12f62bc4052170_NeikiAnalytics.exe
- Size
  
  357KB
- MD5
  
  9f975a5f43dfcfe20a12f62bc4052170
- SHA1
  
  c7bc077fc383b46f27dbc7bc6ede2685b714b24c
- SHA256
  
  68a744262f15853f21c5ac107b037102e914832861ae8f9f053b9de9ac048d47
- SHA512
  
  978cf07790ede37c70a95885c402fcc2d176d308ed256cfe015a62b5b312b1d104a910824984dfe47d9eb8a30a862666e87c8b8ec8ff1d2daeaedf9b65a2e440
- SSDEEP
  
  6144:mvk3Q5ibjnNuuXckaL7pbRBkce97aw/N4L7o4:mvMQ5ibjnwka3pbRC19Gw/Nso4
Score

10^/10

blackmoon banker trojan
- Blackmoon, KrBanker
  Blackmoon also known as KrBanker is banking trojan first discovered in early 2014.
  trojan banker blackmoon
- Detect Blackmoon payload
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

blackmoonbankertrojan

behavioral2

blackmoonbankertrojan

© 2018-2024

Terms | Privacy