blackmoon | b56c6978d472f770b7c8d67b2fb070f134a1b42a7d55db3113b5a72c0a4ef9cf | Triage

Sharing

General

Target

b56c6978d472f770b7c8d67b2fb070f134a1b42a7d55db3113b5a72c0a4ef9cf
Size

9.0MB
Sample

240523-zftnjsfe5z
MD5

51951aa77e126da743da5d18fe103888
SHA1

bbd71a5e0a3b3a7efb522e1b2272ab02a29aef1d
SHA256

b56c6978d472f770b7c8d67b2fb070f134a1b42a7d55db3113b5a72c0a4ef9cf
SHA512

23181a364c153930270c00a1c532c7b9008d50d0efb484c9f77f81e0ff76e0730ff1bf280c82fc6c6a167ffc948afd66a412f4b102ed371722a0d114e5eebfe1
SSDEEP

196608:neJcDKlFBqZcPzFwDxURK8vyqByLdlf3hRQIgLKN:eODKlFBqauayOclfhRQIG2

Score

10^/10

blackmoon spyware stealer

Malware Config

Targets

- Target
  
  b56c6978d472f770b7c8d67b2fb070f134a1b42a7d55db3113b5a72c0a4ef9cf
- Size
  
  9.0MB
- MD5
  
  51951aa77e126da743da5d18fe103888
- SHA1
  
  bbd71a5e0a3b3a7efb522e1b2272ab02a29aef1d
- SHA256
  
  b56c6978d472f770b7c8d67b2fb070f134a1b42a7d55db3113b5a72c0a4ef9cf
- SHA512
  
  23181a364c153930270c00a1c532c7b9008d50d0efb484c9f77f81e0ff76e0730ff1bf280c82fc6c6a167ffc948afd66a412f4b102ed371722a0d114e5eebfe1
- SSDEEP
  
  196608:neJcDKlFBqZcPzFwDxURK8vyqByLdlf3hRQIgLKN:eODKlFBqauayOclfhRQIG2
Score

7^/10

spyware stealer
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2