blackmoon | 38b072d312bbe9ebe8dbf621a05b3be2b0fbab3cff8d562b081769e3886491ec | Triage

Submit
Reports

Overview

overview

Static

static

3

38b072d312...ec.exe

windows7-x64

38b072d312...ec.exe

windows10-2004-x64

Sharing

General

Target

38b072d312bbe9ebe8dbf621a05b3be2b0fbab3cff8d562b081769e3886491ec
Size

121KB
Sample

240614-zagf2aydlk
MD5

d4a42eab82887b1a8e1d1bfb7fe85ec0
SHA1

b7fdd663b27af066efc806beeb777e15ce0fff2f
SHA256

38b072d312bbe9ebe8dbf621a05b3be2b0fbab3cff8d562b081769e3886491ec
SHA512

e6943f6edc60830e75e51581839a4f681634d598f2d9a5f4c7d7f19ab9aad45b639766ef24e93c6fd1f01aa89ef7d9bef7d3b33e755a47359aeb91d01659b738
SSDEEP

1536:9Q8hoOAesfYvcyjfS3H9yl8Q1pmdBcxedLxNDomRGApSuLAR2yPBCQ1nDFu1Q8sh:ymb3NkkiQ3mdBjFomR7UsyJC+n0GsgcK

Score

10^/10

blackmoon banker trojan upx

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

38b072d312bbe9ebe8dbf621a05b3be2b0fbab3cff8d562b081769e3886491ec.exe

Resource

win7-20240220-en

blackmoon banker trojan upx

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

38b072d312bbe9ebe8dbf621a05b3be2b0fbab3cff8d562b081769e3886491ec.exe

Resource

win10v2004-20240508-en

blackmoon banker trojan upx

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Targets

- Target
  
  38b072d312bbe9ebe8dbf621a05b3be2b0fbab3cff8d562b081769e3886491ec
- Size
  
  121KB
- MD5
  
  d4a42eab82887b1a8e1d1bfb7fe85ec0
- SHA1
  
  b7fdd663b27af066efc806beeb777e15ce0fff2f
- SHA256
  
  38b072d312bbe9ebe8dbf621a05b3be2b0fbab3cff8d562b081769e3886491ec
- SHA512
  
  e6943f6edc60830e75e51581839a4f681634d598f2d9a5f4c7d7f19ab9aad45b639766ef24e93c6fd1f01aa89ef7d9bef7d3b33e755a47359aeb91d01659b738
- SSDEEP
  
  1536:9Q8hoOAesfYvcyjfS3H9yl8Q1pmdBcxedLxNDomRGApSuLAR2yPBCQ1nDFu1Q8sh:ymb3NkkiQ3mdBjFomR7UsyJC+n0GsgcK
Score

10^/10

blackmoon banker trojan upx
- Blackmoon, KrBanker
  Blackmoon also known as KrBanker is banking trojan first discovered in early 2014.
  trojan banker blackmoon
- Detect Blackmoon payload
- UPX dump on OEP (original entry point)
- Executes dropped EXE
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

blackmoonbankertrojanupx

behavioral2

blackmoonbankertrojanupx

© 2018-2024

Terms | Privacy