blackmoon | 00bff1000e9f0ed7c0f1d3c48992a385be0ae588e3cfb0eab7353b53f72ae899 | Triage

Submit
Reports

Overview

overview

Static

static

3

00bff1000e...99.exe

windows7-x64

00bff1000e...99.exe

windows10-2004-x64

Sharing

General

Target

00bff1000e9f0ed7c0f1d3c48992a385be0ae588e3cfb0eab7353b53f72ae899
Size

370KB
Sample

240614-wqg6qa1djd
MD5

5810a9db95068290662a6f70a6edb801
SHA1

b832a92d8a64ff6de6f6f0ae9ab0e8e1b47011d3
SHA256

00bff1000e9f0ed7c0f1d3c48992a385be0ae588e3cfb0eab7353b53f72ae899
SHA512

564097a67bfa11b9cc99fdb757e0bb0994d1d64da36c3901f735a43ec9b5831658f08beae5a33bb916172cb9077ac6d47577523db7979b30df2b306282811691
SSDEEP

6144:n3C9BRIG0asYFm71mJl3/X8mak5gNv9rC8IwLaYNUvtTxTKMMD:n3C9uYA7i3/stR9HGYyvtTxTKMc

Score

10^/10

blackmoon banker trojan upx

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

00bff1000e9f0ed7c0f1d3c48992a385be0ae588e3cfb0eab7353b53f72ae899.exe

Resource

win7-20240221-en

blackmoon banker trojan upx

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

00bff1000e9f0ed7c0f1d3c48992a385be0ae588e3cfb0eab7353b53f72ae899.exe

Resource

win10v2004-20240508-en

blackmoon banker trojan upx

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Targets

- Target
  
  00bff1000e9f0ed7c0f1d3c48992a385be0ae588e3cfb0eab7353b53f72ae899
- Size
  
  370KB
- MD5
  
  5810a9db95068290662a6f70a6edb801
- SHA1
  
  b832a92d8a64ff6de6f6f0ae9ab0e8e1b47011d3
- SHA256
  
  00bff1000e9f0ed7c0f1d3c48992a385be0ae588e3cfb0eab7353b53f72ae899
- SHA512
  
  564097a67bfa11b9cc99fdb757e0bb0994d1d64da36c3901f735a43ec9b5831658f08beae5a33bb916172cb9077ac6d47577523db7979b30df2b306282811691
- SSDEEP
  
  6144:n3C9BRIG0asYFm71mJl3/X8mak5gNv9rC8IwLaYNUvtTxTKMMD:n3C9uYA7i3/stR9HGYyvtTxTKMc
Score

10^/10

blackmoon banker trojan upx
- Blackmoon, KrBanker
  Blackmoon also known as KrBanker is banking trojan first discovered in early 2014.
  trojan banker blackmoon
- Detect Blackmoon payload
- UPX dump on OEP (original entry point)
- Executes dropped EXE
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

blackmoonbankertrojanupx

behavioral2

blackmoonbankertrojanupx

© 2018-2024

Terms | Privacy