General

  • Target

    2024-05-23_208e9748f5d0712b088aa7cddf87e4cc_icedid

  • Size

    2.3MB

  • Sample

    240523-dz3jxacb9y

  • MD5

    208e9748f5d0712b088aa7cddf87e4cc

  • SHA1

    4a6a389eeeac68f656863c2012a0777e02b0fa28

  • SHA256

    90a900d4e2e9ec7d152959669f82ab23ff485373baf2baa11c05863e434d9818

  • SHA512

    23313e605c4aef02b38191f09fd3b5fa88f9a645b5ce176dff477b602b48e1dbf83e06bc47a440dff2a190030f48315c381688b3005f799c97c14baaeaf7a86d

  • SSDEEP

    49152:RpV+mAfpE459XUWixlVkw5d2Bn2ln5Kd5WDAfOJvX4:R+mAfpE459XUWiLVzD2Bn2Gd5WkSX

Score
10/10

Targets

    • Target

      2024-05-23_208e9748f5d0712b088aa7cddf87e4cc_icedid

    Score
    10/10
    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Detects executables packed with VMProtect.

    • UPX dump on OEP (original entry point)
