blackmoon | 98973006f951fa662bdd11a4a51b86240ccd63dd45473e2ea01be974e4469dc6 | Triage

Submit
Reports

Overview

overview

Static

static

3

98973006f9...c6.exe

windows7-x64

98973006f9...c6.exe

windows10-2004-x64

Sharing

General

Target

98973006f951fa662bdd11a4a51b86240ccd63dd45473e2ea01be974e4469dc6
Size

78KB
Sample

240524-a7ma4sfd47
MD5

2322231f93a311f16f07540eca337b90
SHA1

5e8e1497d84d01135231a9b467560f5a2ae22354
SHA256

98973006f951fa662bdd11a4a51b86240ccd63dd45473e2ea01be974e4469dc6
SHA512

8b5f48a11403280323619dc02c79969c6c0a5121e1e3792ebbdfd992878878f1d2210f44fa4719b62179da10fd73f29e5168b93ba54e22c9fe9daedf4d6ea065
SSDEEP

1536:9Q8hoOAesfYvcyjfS3H9yl8Q1pmdBcxedLxNDIfv7+afCD+QsQbKQPV790638ilX:ymb3NkkiQ3mdBjFIfvTfCD+HlQgViJ

Score

10^/10

blackmoon banker trojan upx

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

98973006f951fa662bdd11a4a51b86240ccd63dd45473e2ea01be974e4469dc6.exe

Resource

win7-20240221-en

blackmoon banker trojan upx

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

98973006f951fa662bdd11a4a51b86240ccd63dd45473e2ea01be974e4469dc6.exe

Resource

win10v2004-20240426-en

blackmoon banker trojan upx

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Targets

- Target
  
  98973006f951fa662bdd11a4a51b86240ccd63dd45473e2ea01be974e4469dc6
- Size
  
  78KB
- MD5
  
  2322231f93a311f16f07540eca337b90
- SHA1
  
  5e8e1497d84d01135231a9b467560f5a2ae22354
- SHA256
  
  98973006f951fa662bdd11a4a51b86240ccd63dd45473e2ea01be974e4469dc6
- SHA512
  
  8b5f48a11403280323619dc02c79969c6c0a5121e1e3792ebbdfd992878878f1d2210f44fa4719b62179da10fd73f29e5168b93ba54e22c9fe9daedf4d6ea065
- SSDEEP
  
  1536:9Q8hoOAesfYvcyjfS3H9yl8Q1pmdBcxedLxNDIfv7+afCD+QsQbKQPV790638ilX:ymb3NkkiQ3mdBjFIfvTfCD+HlQgViJ
Score

10^/10

blackmoon banker trojan upx
- Blackmoon, KrBanker
  Blackmoon also known as KrBanker is banking trojan first discovered in early 2014.
  trojan banker blackmoon
- Detect Blackmoon payload
- UPX dump on OEP (original entry point)
- Executes dropped EXE
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

blackmoonbankertrojanupx

behavioral2

blackmoonbankertrojanupx

© 2018-2024

Terms | Privacy