blackmoon | ccc9f3d84c2251de94f54d03c62257b21ec7eeef29c16931fae4e06ef367c3fe | Triage

Submit
Reports

Overview

overview

Static

static

7

LDvar.exe

windows7-x64

LDvar.exe

windows10-2004-x64

Sharing

General

Target

LDvar.exe
Size

8.4MB
Sample

241023-kxvjva1ejd
MD5

2d7b09cd5f12fb6a3fc07e269a639051
SHA1

d06feae2a5289e717ce173398754fa1a9b96e874
SHA256

ccc9f3d84c2251de94f54d03c62257b21ec7eeef29c16931fae4e06ef367c3fe
SHA512

fc36080c9cfe80948d048b027f365d76f93c186e12d359bb6768b8e91563c26790db9ca14b09c0c5d8d0575bef0f39992ac2a1bb06af367ee4a06dfd0b4cebc0
SSDEEP

196608:uRUxISBSxiw0pACjs/V7Uu8qGZRErzqCBa/8bJ225iStHg3:uuhBZyVP8PZREr7azIFt2

Score

10^/10

blackmoon banker discovery trojan vmprotect

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

LDvar.exe

Resource

win7-20240903-en

blackmoon banker discovery trojan vmprotect

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

LDvar.exe

Resource

win10v2004-20241007-en

blackmoon banker discovery trojan vmprotect

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Targets

- Target
  
  LDvar.exe
- Size
  
  8.4MB
- MD5
  
  2d7b09cd5f12fb6a3fc07e269a639051
- SHA1
  
  d06feae2a5289e717ce173398754fa1a9b96e874
- SHA256
  
  ccc9f3d84c2251de94f54d03c62257b21ec7eeef29c16931fae4e06ef367c3fe
- SHA512
  
  fc36080c9cfe80948d048b027f365d76f93c186e12d359bb6768b8e91563c26790db9ca14b09c0c5d8d0575bef0f39992ac2a1bb06af367ee4a06dfd0b4cebc0
- SSDEEP
  
  196608:uRUxISBSxiw0pACjs/V7Uu8qGZRErzqCBa/8bJ225iStHg3:uuhBZyVP8PZREr7azIFt2
Score

10^/10

blackmoon banker discovery trojan vmprotect
- Blackmoon, KrBanker
  Blackmoon also known as KrBanker is banking trojan first discovered in early 2014.
  trojan banker blackmoon
- Detect Blackmoon payload
- VMProtect packed file
  Detects executables packed with VMProtect commercial packer.
  vmprotect
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

blackmoonbankerdiscoverytrojanvmprotect

behavioral2

blackmoonbankerdiscoverytrojanvmprotect

© 2018-2024

Terms | Privacy