blackmoon | c3f3b6d9d9c9cf28b1da9f6d36700e1018abe1bcf95e052879978786fd47e8b4 | Triage

Submit
Reports

Overview

overview

Static

static

3

c3f3b6d9d9...b4.exe

windows7-x64

c3f3b6d9d9...b4.exe

windows10-2004-x64

Sharing

General

Target

c3f3b6d9d9c9cf28b1da9f6d36700e1018abe1bcf95e052879978786fd47e8b4
Size

14.6MB
Sample

241010-f3x5pstfqr
MD5

71a5bdbba9459a53a4a576b128caeac3
SHA1

b864162ee63d7712455e658ac6df0134cc37806c
SHA256

c3f3b6d9d9c9cf28b1da9f6d36700e1018abe1bcf95e052879978786fd47e8b4
SHA512

78a77aa4fda4c052e3edd15ee5828815e828f4f092b4d77c6d5238d107e7ace2c8ed00501ed49d7cec913cce377bd551964c475c6f505f6c418ef81a48a1ea20
SSDEEP

393216:iOpL7YRun1xp78qLoRWSYgbr559P93cQFWoK8tCxfprHHKe:1pLqiLp+YCr9PJZWQt495

Score

10^/10

blackmoon banker discovery trojan

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

c3f3b6d9d9c9cf28b1da9f6d36700e1018abe1bcf95e052879978786fd47e8b4.exe

Resource

win7-20240903-en

blackmoon banker discovery trojan

windows7-x64

10 signatures

150 seconds

Behavioral task

behavioral2

Sample

c3f3b6d9d9c9cf28b1da9f6d36700e1018abe1bcf95e052879978786fd47e8b4.exe

Resource

win10v2004-20241007-en

blackmoon banker discovery trojan

windows10-2004-x64

8 signatures

150 seconds

Malware Config

Targets

- Target
  
  c3f3b6d9d9c9cf28b1da9f6d36700e1018abe1bcf95e052879978786fd47e8b4
- Size
  
  14.6MB
- MD5
  
  71a5bdbba9459a53a4a576b128caeac3
- SHA1
  
  b864162ee63d7712455e658ac6df0134cc37806c
- SHA256
  
  c3f3b6d9d9c9cf28b1da9f6d36700e1018abe1bcf95e052879978786fd47e8b4
- SHA512
  
  78a77aa4fda4c052e3edd15ee5828815e828f4f092b4d77c6d5238d107e7ace2c8ed00501ed49d7cec913cce377bd551964c475c6f505f6c418ef81a48a1ea20
- SSDEEP
  
  393216:iOpL7YRun1xp78qLoRWSYgbr559P93cQFWoK8tCxfprHHKe:1pLqiLp+YCr9PJZWQt495
Score

10^/10

blackmoon banker discovery trojan
- Blackmoon, KrBanker
  Blackmoon also known as KrBanker is banking trojan first discovered in early 2014.
  trojan banker blackmoon
- Detect Blackmoon payload
- Executes dropped EXE
- Loads dropped DLL
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

blackmoonbankerdiscoverytrojan

behavioral2

blackmoonbankerdiscoverytrojan

© 2018-2025

Terms | Privacy