blackmoon | bc2ca3b6bebb76a6e2ea43698082ecd4279a1d3a662785c97c411d605212b162 | Triage

Submit
Reports

Overview

overview

Static

static

bc2ca3b6be...62.exe

windows7-x64

bc2ca3b6be...62.exe

windows10-2004-x64

Sharing

General

Target

bc2ca3b6bebb76a6e2ea43698082ecd4279a1d3a662785c97c411d605212b162
Size

338KB
Sample

240615-bv146syajr
MD5

f3dbd1a54aae993c098ce02a5cd30c50
SHA1

113e20423b007c7556df3f61035c3fa059127b6a
SHA256

bc2ca3b6bebb76a6e2ea43698082ecd4279a1d3a662785c97c411d605212b162
SHA512

a8f1a49f6a84e4181f492d81cc018dc67e9bb798ff918442006d6ba2c90eae83be46846a75b52de8ede11f357620d7821e337581b9bcdf545fc1a2e5bf011eba
SSDEEP

6144:Kcm4FmowdHoSKAszBd+aQz0192lTk1ycUkpCnAUo0Leu2tZGnOiQ3jiDQIZbdVnf:U4wFHoSK1zBjA892lY196AUo0LX2tZqt

Score

10^/10

blackmoon banker trojan upx

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

bc2ca3b6bebb76a6e2ea43698082ecd4279a1d3a662785c97c411d605212b162.exe

Resource

win7-20240508-en

blackmoon banker trojan upx

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

bc2ca3b6bebb76a6e2ea43698082ecd4279a1d3a662785c97c411d605212b162.exe

Resource

win10v2004-20240226-en

blackmoon banker trojan upx

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Targets

- Target
  
  bc2ca3b6bebb76a6e2ea43698082ecd4279a1d3a662785c97c411d605212b162
- Size
  
  338KB
- MD5
  
  f3dbd1a54aae993c098ce02a5cd30c50
- SHA1
  
  113e20423b007c7556df3f61035c3fa059127b6a
- SHA256
  
  bc2ca3b6bebb76a6e2ea43698082ecd4279a1d3a662785c97c411d605212b162
- SHA512
  
  a8f1a49f6a84e4181f492d81cc018dc67e9bb798ff918442006d6ba2c90eae83be46846a75b52de8ede11f357620d7821e337581b9bcdf545fc1a2e5bf011eba
- SSDEEP
  
  6144:Kcm4FmowdHoSKAszBd+aQz0192lTk1ycUkpCnAUo0Leu2tZGnOiQ3jiDQIZbdVnf:U4wFHoSK1zBjA892lY196AUo0LX2tZqt
Score

10^/10

blackmoon banker trojan upx
- Blackmoon, KrBanker
  Blackmoon also known as KrBanker is banking trojan first discovered in early 2014.
  trojan banker blackmoon
- Detect Blackmoon payload
- UPX dump on OEP (original entry point)
- Executes dropped EXE
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

blackmoonbankertrojanupx

behavioral2

blackmoonbankertrojanupx

© 2018-2024

Terms | Privacy