blackmoon | 3a55041887c1b9a668087e4d36171162d6370a6b12176a121f491a3c9689d927 | Triage

Submit
Reports

Overview

overview

Static

static

3a55041887...27.exe

windows10-1703-x64

Resubmissions

23-05-2024 18:27

240523-w3r7fsbh23 10

Sharing

General

Target

3a55041887c1b9a668087e4d36171162d6370a6b12176a121f491a3c9689d927
Size

4.5MB
Sample

240524-trbn8aca68
MD5

c92e7af912704761a33d763fe1244c5d
SHA1

b20b0e4e061f2fd4088036f5f6138cee5019624a
SHA256

3a55041887c1b9a668087e4d36171162d6370a6b12176a121f491a3c9689d927
SHA512

53771164320add74fab50d0e550a19e6aa2c45d2bfcf90fdf08cd3318e8303076134f7c4b06c0b96782292382ac80c6b85d1873791dc159790b68650d1016db9
SSDEEP

49152:xNIlBFEedDqnroHO8wOZHOlvbuambSIN+6a9AknH:xNI7cnsHtvZHUbmb/+TK

Score

10^/10

blackmoon banker trojan upx

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

3a55041887c1b9a668087e4d36171162d6370a6b12176a121f491a3c9689d927.exe

Resource

win10-20240404-en

blackmoon banker trojan upx

windows10-1703-x64

15 signatures

150 seconds

Malware Config

Targets

- Target
  
  3a55041887c1b9a668087e4d36171162d6370a6b12176a121f491a3c9689d927
- Size
  
  4.5MB
- MD5
  
  c92e7af912704761a33d763fe1244c5d
- SHA1
  
  b20b0e4e061f2fd4088036f5f6138cee5019624a
- SHA256
  
  3a55041887c1b9a668087e4d36171162d6370a6b12176a121f491a3c9689d927
- SHA512
  
  53771164320add74fab50d0e550a19e6aa2c45d2bfcf90fdf08cd3318e8303076134f7c4b06c0b96782292382ac80c6b85d1873791dc159790b68650d1016db9
- SSDEEP
  
  49152:xNIlBFEedDqnroHO8wOZHOlvbuambSIN+6a9AknH:xNI7cnsHtvZHUbmb/+TK
Score

10^/10

blackmoon banker trojan upx
- Blackmoon, KrBanker
  Blackmoon also known as KrBanker is banking trojan first discovered in early 2014.
  trojan banker blackmoon
- Detect Blackmoon payload
- Drops file in Drivers directory
- ACProtect 1.3x - 1.4x DLL software
  Detects file using ACProtect software.
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Drops file in System32 directory
behavioral1

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

blackmoonbankertrojanupx

© 2018-2024

Terms | Privacy