blackmoon | 709a9db7cd93596ea8af2ff334b291452d90c19f1a87445a98bdbc24af4f3be2 | Triage

Submit
Reports

Overview

overview

Static

static

3

709a9db7cd...e2.exe

windows7-x64

709a9db7cd...e2.exe

windows10-2004-x64

Sharing

General

Target

709a9db7cd93596ea8af2ff334b291452d90c19f1a87445a98bdbc24af4f3be2
Size

15.9MB
Sample

240523-24hbjach27
MD5

05dd335d65e9f5266d30395e8a81db13
SHA1

9e2279f1e25e41a4f3358b0411d57c3e216c40f1
SHA256

709a9db7cd93596ea8af2ff334b291452d90c19f1a87445a98bdbc24af4f3be2
SHA512

7e6a190612acf34ae0877532bb63459d74f76be49c97cbbbd158f9a3371782d7bd6e877c10c6d509d43873af5709fdbd182feb65491fea7fb2ef4defbe652210
SSDEEP

393216:iOEk/5pGNvzdQknAmvMW7j3LhAvx33YddvrvqNgh4g0Oxn/u+Jh:1Ek/5pGpqIAmvMW7j3Lax3Y/Tqed0Otd

Score

10^/10

blackmoon banker trojan

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

709a9db7cd93596ea8af2ff334b291452d90c19f1a87445a98bdbc24af4f3be2.exe

Resource

win7-20240419-en

blackmoon banker trojan

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

709a9db7cd93596ea8af2ff334b291452d90c19f1a87445a98bdbc24af4f3be2.exe

Resource

win10v2004-20240508-en

blackmoon banker trojan

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Targets

- Target
  
  709a9db7cd93596ea8af2ff334b291452d90c19f1a87445a98bdbc24af4f3be2
- Size
  
  15.9MB
- MD5
  
  05dd335d65e9f5266d30395e8a81db13
- SHA1
  
  9e2279f1e25e41a4f3358b0411d57c3e216c40f1
- SHA256
  
  709a9db7cd93596ea8af2ff334b291452d90c19f1a87445a98bdbc24af4f3be2
- SHA512
  
  7e6a190612acf34ae0877532bb63459d74f76be49c97cbbbd158f9a3371782d7bd6e877c10c6d509d43873af5709fdbd182feb65491fea7fb2ef4defbe652210
- SSDEEP
  
  393216:iOEk/5pGNvzdQknAmvMW7j3LhAvx33YddvrvqNgh4g0Oxn/u+Jh:1Ek/5pGpqIAmvMW7j3Lax3Y/Tqed0Otd
Score

10^/10

blackmoon banker trojan
- Blackmoon, KrBanker
  Blackmoon also known as KrBanker is banking trojan first discovered in early 2014.
  trojan banker blackmoon
- Detect Blackmoon payload
- Executes dropped EXE
- Loads dropped DLL
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

blackmoonbankertrojan

behavioral2

blackmoonbankertrojan

© 2018-2024

Terms | Privacy