blackmoon | 9111c5289740722aa6f848549da1f7463d9107d99b459952eac0d97e63e1d92c | Triage

Submit
Reports

Overview

overview

Static

static

3

9111c52897...2c.exe

windows7-x64

9111c52897...2c.exe

windows10-2004-x64

Sharing

General

Target

9111c5289740722aa6f848549da1f7463d9107d99b459952eac0d97e63e1d92c
Size

15.3MB
Sample

240524-mxnseaed54
MD5

316c71ef7b1264b178b5931c4edebabf
SHA1

01ab726f77ad4acda9bd2ab128592ef3d18c3d20
SHA256

9111c5289740722aa6f848549da1f7463d9107d99b459952eac0d97e63e1d92c
SHA512

653743bc9bf87756f37fa59b9e3e989ef5feb56b2c3b24f3db9b14645b34c5321846690f2c5a3c1ba86390a1853d09c5bc53ae81df72113a3d5bbe6899ca59a3
SSDEEP

393216:iOvk1pGNvFdl2UN3LhAvxyhmK88ciCl5vdopr:1vk1pGfr2UN3LakhmXvlNd+

Score

10^/10

blackmoon banker trojan

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

9111c5289740722aa6f848549da1f7463d9107d99b459952eac0d97e63e1d92c.exe

Resource

win7-20240215-en

blackmoon banker trojan

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

9111c5289740722aa6f848549da1f7463d9107d99b459952eac0d97e63e1d92c.exe

Resource

win10v2004-20240226-en

blackmoon banker trojan

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Targets

- Target
  
  9111c5289740722aa6f848549da1f7463d9107d99b459952eac0d97e63e1d92c
- Size
  
  15.3MB
- MD5
  
  316c71ef7b1264b178b5931c4edebabf
- SHA1
  
  01ab726f77ad4acda9bd2ab128592ef3d18c3d20
- SHA256
  
  9111c5289740722aa6f848549da1f7463d9107d99b459952eac0d97e63e1d92c
- SHA512
  
  653743bc9bf87756f37fa59b9e3e989ef5feb56b2c3b24f3db9b14645b34c5321846690f2c5a3c1ba86390a1853d09c5bc53ae81df72113a3d5bbe6899ca59a3
- SSDEEP
  
  393216:iOvk1pGNvFdl2UN3LhAvxyhmK88ciCl5vdopr:1vk1pGfr2UN3LakhmXvlNd+
Score

10^/10

blackmoon banker trojan
- Blackmoon, KrBanker
  Blackmoon also known as KrBanker is banking trojan first discovered in early 2014.
  trojan banker blackmoon
- Detect Blackmoon payload
- Executes dropped EXE
- Loads dropped DLL
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

blackmoonbankertrojan

behavioral2

blackmoonbankertrojan

© 2018-2024

Terms | Privacy