blackmoon | f3f46d5d76f5ab03b21f514c90b7de29941cc0c245b2afff940b092363b3ec6b | Triage

Submit
Reports

Overview

overview

Static

static

5

f3f46d5d76...6b.exe

windows7-x64

f3f46d5d76...6b.exe

windows10-2004-x64

Sharing

General

Target

f3f46d5d76f5ab03b21f514c90b7de29941cc0c245b2afff940b092363b3ec6b
Size

279KB
Sample

241121-n9779awpel
MD5

a6338d44d67e6aebf0ee9238d763e373
SHA1

61c94865eb4b69743729dd09f3f0c7b98e49cf42
SHA256

f3f46d5d76f5ab03b21f514c90b7de29941cc0c245b2afff940b092363b3ec6b
SHA512

93fa35a0db5440b5e08bfc1b82afe76090372412ae5c4a051a333934ae79655fee36a6a386401dfac89be3b5effc2c2f2c3495024427285e31518309280563cc
SSDEEP

6144:ncm4FmowdHoS6rW3NNTvBu6wo2J4JAgNXkArR/rtXOLtu4J6KvvLp3OKtUuuuTEO:14wFHoSeM/Tpu6w14JAOkIRhOBu4JhvB

Score

10^/10

blackmoon banker discovery trojan upx

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

f3f46d5d76f5ab03b21f514c90b7de29941cc0c245b2afff940b092363b3ec6b.exe

Resource

win7-20240903-en

blackmoon banker discovery trojan upx

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

f3f46d5d76f5ab03b21f514c90b7de29941cc0c245b2afff940b092363b3ec6b.exe

Resource

win10v2004-20241007-en

blackmoon banker discovery trojan upx

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Targets

- Target
  
  f3f46d5d76f5ab03b21f514c90b7de29941cc0c245b2afff940b092363b3ec6b
- Size
  
  279KB
- MD5
  
  a6338d44d67e6aebf0ee9238d763e373
- SHA1
  
  61c94865eb4b69743729dd09f3f0c7b98e49cf42
- SHA256
  
  f3f46d5d76f5ab03b21f514c90b7de29941cc0c245b2afff940b092363b3ec6b
- SHA512
  
  93fa35a0db5440b5e08bfc1b82afe76090372412ae5c4a051a333934ae79655fee36a6a386401dfac89be3b5effc2c2f2c3495024427285e31518309280563cc
- SSDEEP
  
  6144:ncm4FmowdHoS6rW3NNTvBu6wo2J4JAgNXkArR/rtXOLtu4J6KvvLp3OKtUuuuTEO:14wFHoSeM/Tpu6w14JAOkIRhOBu4JhvB
Score

10^/10

blackmoon banker discovery trojan upx
- Blackmoon family
  blackmoon
- Blackmoon, KrBanker
  Blackmoon also known as KrBanker is banking trojan first discovered in early 2014.
  trojan banker blackmoon
- Detect Blackmoon payload
- Executes dropped EXE
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

blackmoonbankerdiscoverytrojanupx

behavioral2

blackmoonbankerdiscoverytrojanupx

© 2018-2024

Terms | Privacy