blackmoon | 36bdcbc3d58461630c1277f2453ed1edde29d56c45fbb6231a5a7777726e66ac | Triage

Submit
Reports

Overview

overview

Static

static

3

36bdcbc3d5...ac.exe

windows7-x64

36bdcbc3d5...ac.exe

windows10-2004-x64

Sharing

General

Target

36bdcbc3d58461630c1277f2453ed1edde29d56c45fbb6231a5a7777726e66ac
Size

15.2MB
Sample

240524-ejwl4acc7y
MD5

1e07d826c0967e24f47cc617a259d72a
SHA1

7e2f81a3cc1e1969b8528d7a0742b01e54c95a6b
SHA256

36bdcbc3d58461630c1277f2453ed1edde29d56c45fbb6231a5a7777726e66ac
SHA512

f404a45c12c431562cf14b40075cf17d14ad0763cf2d9972a15f9ff54cd1b63f9b751aa6b79fcb79fc0a6c0ba651b2ec4f8a9e225026beb87f8c22ecaf09bbda
SSDEEP

393216:iOPpGNvJIOf+ijdxatcx5lS2KIRSgCXEPTwFk8s:1PpGUOf+iTscvlaI9ik8s

Score

10^/10

blackmoon banker trojan

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

36bdcbc3d58461630c1277f2453ed1edde29d56c45fbb6231a5a7777726e66ac.exe

Resource

win7-20231129-en

blackmoon banker trojan

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

36bdcbc3d58461630c1277f2453ed1edde29d56c45fbb6231a5a7777726e66ac.exe

Resource

win10v2004-20240508-en

blackmoon banker trojan

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Targets

- Target
  
  36bdcbc3d58461630c1277f2453ed1edde29d56c45fbb6231a5a7777726e66ac
- Size
  
  15.2MB
- MD5
  
  1e07d826c0967e24f47cc617a259d72a
- SHA1
  
  7e2f81a3cc1e1969b8528d7a0742b01e54c95a6b
- SHA256
  
  36bdcbc3d58461630c1277f2453ed1edde29d56c45fbb6231a5a7777726e66ac
- SHA512
  
  f404a45c12c431562cf14b40075cf17d14ad0763cf2d9972a15f9ff54cd1b63f9b751aa6b79fcb79fc0a6c0ba651b2ec4f8a9e225026beb87f8c22ecaf09bbda
- SSDEEP
  
  393216:iOPpGNvJIOf+ijdxatcx5lS2KIRSgCXEPTwFk8s:1PpGUOf+iTscvlaI9ik8s
Score

10^/10

blackmoon banker trojan
- Blackmoon, KrBanker
  Blackmoon also known as KrBanker is banking trojan first discovered in early 2014.
  trojan banker blackmoon
- Detect Blackmoon payload
- Executes dropped EXE
- Loads dropped DLL
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

blackmoonbankertrojan

behavioral2

blackmoonbankertrojan

© 2018-2024

Terms | Privacy