blackmoon | 3ae9e6413dfeab7c352a6725d94781fef66da320691760173b8973b63607e00d | Triage

Submit
Reports

Overview

overview

Static

static

3

62aa951d7c...18.dll

windows7-x64

62aa951d7c...18.dll

windows10-2004-x64

Sharing

General

Target

62aa951d7c043b9ab09eba4cf190a8a0_JaffaCakes118
Size

1.3MB
Sample

240722-laarlazgnk
MD5

62aa951d7c043b9ab09eba4cf190a8a0
SHA1

98100b81d653034bdc269ca74609466d6bd7f1a4
SHA256

3ae9e6413dfeab7c352a6725d94781fef66da320691760173b8973b63607e00d
SHA512

417c2a6828e5122731c7300eedc55e3f73a0a5691a7f14d7fe20cf39aa2c887e0b21d8e6527fcf3dc296c08507f4389078bb0b76f04199501adcde474fcd2826
SSDEEP

12288:0DF3Jd1x080T/mlJpA/77Z8ZKdo/SMZoSr2SnPiXiydhwXGGGGXdhw7Q3:0DD2TmfpA/776KlMPZPiXJdcdMg

Score

10^/10

blackmoon aspackv2 banker trojan upx

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

62aa951d7c043b9ab09eba4cf190a8a0_JaffaCakes118.dll

Resource

win7-20240704-en

blackmoon aspackv2 banker trojan upx

windows7-x64

10 signatures

150 seconds

Behavioral task

behavioral2

Sample

62aa951d7c043b9ab09eba4cf190a8a0_JaffaCakes118.dll

Resource

win10v2004-20240709-en

blackmoon aspackv2 banker trojan upx

windows10-2004-x64

10 signatures

150 seconds

Malware Config

Targets

- Target
  
  62aa951d7c043b9ab09eba4cf190a8a0_JaffaCakes118
- Size
  
  1.3MB
- MD5
  
  62aa951d7c043b9ab09eba4cf190a8a0
- SHA1
  
  98100b81d653034bdc269ca74609466d6bd7f1a4
- SHA256
  
  3ae9e6413dfeab7c352a6725d94781fef66da320691760173b8973b63607e00d
- SHA512
  
  417c2a6828e5122731c7300eedc55e3f73a0a5691a7f14d7fe20cf39aa2c887e0b21d8e6527fcf3dc296c08507f4389078bb0b76f04199501adcde474fcd2826
- SSDEEP
  
  12288:0DF3Jd1x080T/mlJpA/77Z8ZKdo/SMZoSr2SnPiXiydhwXGGGGXdhw7Q3:0DD2TmfpA/776KlMPZPiXJdcdMg
Score

10^/10

blackmoon aspackv2 banker trojan upx
- Blackmoon, KrBanker
  Blackmoon also known as KrBanker is banking trojan first discovered in early 2014.
  trojan banker blackmoon
- Detect Blackmoon payload
- ACProtect 1.3x - 1.4x DLL software
  Detects file using ACProtect software.
- ASPack v2.12-2.42
  Detects executables packed with ASPack v2.12-2.42
  aspackv2
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

blackmoonaspackv2bankertrojanupx

behavioral2

blackmoonaspackv2bankertrojanupx

© 2018-2025

Terms | Privacy