blackmoon | 2766a48ab490f4b8c03f745b0445b0e45301bc927e4cc8581eaf9de41d66b1d2 | Triage

Submit
Reports

Overview

overview

Static

static

3

02c2e6a174...18.exe

windows7-x64

02c2e6a174...18.exe

windows10-2004-x64

Sharing

General

Target

02c2e6a174e98ebf3cf4c2335e1179fa_JaffaCakes118
Size

95KB
Sample

240727-3r3mdaycrg
MD5

02c2e6a174e98ebf3cf4c2335e1179fa
SHA1

d141daef1610d075c5cf6f2d9f1773ce0a0dbae1
SHA256

2766a48ab490f4b8c03f745b0445b0e45301bc927e4cc8581eaf9de41d66b1d2
SHA512

4e48a8fa9b8d89d9aa3ce4ed8b73a0446b078f1112edf97b2f14fe8ee589d58e59e93b9a8336a7abdfac51fab59ab861673be72505e9dd2f27fc2aea0c6737c9
SSDEEP

1536:9Q8hoOAesfYvcyjfS3H9yl8Q1pmdBcxedLxND+3T4+mzv7oEzNcI2gxprr4H8YoC:ymb3NkkiQ3mdBjF+3TYzvTbrr4Hj

Score

10^/10

blackmoon banker discovery trojan upx

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

02c2e6a174e98ebf3cf4c2335e1179fa_JaffaCakes118.exe

Resource

win7-20240729-en

blackmoon banker discovery trojan upx

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

02c2e6a174e98ebf3cf4c2335e1179fa_JaffaCakes118.exe

Resource

win10v2004-20240709-en

blackmoon banker discovery trojan upx

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Targets

- Target
  
  02c2e6a174e98ebf3cf4c2335e1179fa_JaffaCakes118
- Size
  
  95KB
- MD5
  
  02c2e6a174e98ebf3cf4c2335e1179fa
- SHA1
  
  d141daef1610d075c5cf6f2d9f1773ce0a0dbae1
- SHA256
  
  2766a48ab490f4b8c03f745b0445b0e45301bc927e4cc8581eaf9de41d66b1d2
- SHA512
  
  4e48a8fa9b8d89d9aa3ce4ed8b73a0446b078f1112edf97b2f14fe8ee589d58e59e93b9a8336a7abdfac51fab59ab861673be72505e9dd2f27fc2aea0c6737c9
- SSDEEP
  
  1536:9Q8hoOAesfYvcyjfS3H9yl8Q1pmdBcxedLxND+3T4+mzv7oEzNcI2gxprr4H8YoC:ymb3NkkiQ3mdBjF+3TYzvTbrr4Hj
Score

10^/10

blackmoon banker discovery trojan upx
- Blackmoon, KrBanker
  Blackmoon also known as KrBanker is banking trojan first discovered in early 2014.
  trojan banker blackmoon
- Detect Blackmoon payload
- Executes dropped EXE
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

blackmoonbankerdiscoverytrojanupx

behavioral2

blackmoonbankerdiscoverytrojanupx

© 2018-2024

Terms | Privacy