blackmoon | ee65deaa7f90759d3173b3f58c7132919d3af6651bafc6c6a958def1829cc8b1 | Triage

Sharing

General

Target

ee65deaa7f90759d3173b3f58c7132919d3af6651bafc6c6a958def1829cc8b1
Size

9.0MB
Sample

240523-2eppbabd6v
MD5

bb6c513bd3df43e983fff8780f6f2026
SHA1

bef25b4488f3ff3ad2027852845d240ac71478cc
SHA256

ee65deaa7f90759d3173b3f58c7132919d3af6651bafc6c6a958def1829cc8b1
SHA512

4e6f9a9d2d1b2e29036f48ef95e45bea15ac750fbb5e8e8bf5a941e8d4a0cd4813356c69b7cb3057ddbec06264a28d5733cdef999cb1c048e70c9ab0298af270
SSDEEP

196608:nCJcDKlFBqkwDxURK8vyqByLdlf3hRQIgLKN:CODKlFBqHayOclfhRQIG2

Score

10^/10

blackmoon spyware stealer

Malware Config

Targets

- Target
  
  ee65deaa7f90759d3173b3f58c7132919d3af6651bafc6c6a958def1829cc8b1
- Size
  
  9.0MB
- MD5
  
  bb6c513bd3df43e983fff8780f6f2026
- SHA1
  
  bef25b4488f3ff3ad2027852845d240ac71478cc
- SHA256
  
  ee65deaa7f90759d3173b3f58c7132919d3af6651bafc6c6a958def1829cc8b1
- SHA512
  
  4e6f9a9d2d1b2e29036f48ef95e45bea15ac750fbb5e8e8bf5a941e8d4a0cd4813356c69b7cb3057ddbec06264a28d5733cdef999cb1c048e70c9ab0298af270
- SSDEEP
  
  196608:nCJcDKlFBqkwDxURK8vyqByLdlf3hRQIgLKN:CODKlFBqHayOclfhRQIG2
Score

7^/10

spyware stealer
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2