blackmoon | 72887efa78795539be8d3a591410dc2fb163f37aebec49fbb808a88f9f8f9c3e | Triage

Submit
Reports

Overview

overview

Static

static

3

72887efa78...3e.exe

windows7-x64

72887efa78...3e.exe

windows10-2004-x64

Sharing

General

Target

72887efa78795539be8d3a591410dc2fb163f37aebec49fbb808a88f9f8f9c3e
Size

10.0MB
Sample

240524-dlvbdaba65
MD5

633201b7d6f9db6b3d16c2311aa18f74
SHA1

2b9aad4e27973888e783ee44b6a19ec13d2fbaa0
SHA256

72887efa78795539be8d3a591410dc2fb163f37aebec49fbb808a88f9f8f9c3e
SHA512

049d2ad749b19986dbd92eb663193f21091bcebd79cabba925f94f8404252b6f311e9f4e460a880751a478aa3e869973d554de4d214166ea0e93ea36b2771d84
SSDEEP

196608:Rkp9C4BFJ22I82me08gkG+9vcwCSk3yZOtiz6Kv2d205DkgpksUUMVd:R+s4D2rZgk7vGh3aO4z6BJ5DkAghd

Score

10^/10

blackmoon banker trojan upx

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

72887efa78795539be8d3a591410dc2fb163f37aebec49fbb808a88f9f8f9c3e.exe

Resource

win7-20240221-en

blackmoon banker trojan upx

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

72887efa78795539be8d3a591410dc2fb163f37aebec49fbb808a88f9f8f9c3e.exe

Resource

win10v2004-20240426-en

blackmoon banker trojan upx

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Targets

- Target
  
  72887efa78795539be8d3a591410dc2fb163f37aebec49fbb808a88f9f8f9c3e
- Size
  
  10.0MB
- MD5
  
  633201b7d6f9db6b3d16c2311aa18f74
- SHA1
  
  2b9aad4e27973888e783ee44b6a19ec13d2fbaa0
- SHA256
  
  72887efa78795539be8d3a591410dc2fb163f37aebec49fbb808a88f9f8f9c3e
- SHA512
  
  049d2ad749b19986dbd92eb663193f21091bcebd79cabba925f94f8404252b6f311e9f4e460a880751a478aa3e869973d554de4d214166ea0e93ea36b2771d84
- SSDEEP
  
  196608:Rkp9C4BFJ22I82me08gkG+9vcwCSk3yZOtiz6Kv2d205DkgpksUUMVd:R+s4D2rZgk7vGh3aO4z6BJ5DkAghd
Score

10^/10

blackmoon banker trojan upx
- Blackmoon, KrBanker
  Blackmoon also known as KrBanker is banking trojan first discovered in early 2014.
  trojan banker blackmoon
- Detect Blackmoon payload
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

blackmoonbankertrojanupx

behavioral2

blackmoonbankertrojanupx

© 2018-2024

Terms | Privacy