blackmoon | 4ccaca10d878daadbf4cf83be9561206691fc89dee26ac027c78eddefb88228d | Triage

Submit
Reports

Overview

overview

Static

static

5

4ccaca10d8...8d.exe

windows7-x64

4ccaca10d8...8d.exe

windows10-2004-x64

Sharing

General

Target

4ccaca10d878daadbf4cf83be9561206691fc89dee26ac027c78eddefb88228d
Size

334KB
Sample

241122-164rwawrem
MD5

a3dbbd28f2a2d907d8b5433ae6909a96
SHA1

7a479aea6032abb1c4b75ab2c576fcf5856f1f1d
SHA256

4ccaca10d878daadbf4cf83be9561206691fc89dee26ac027c78eddefb88228d
SHA512

29edaa4cd14c9de5d037bb81f01ae52a650334d18f7b1dcab80047d696a70df2d9bf46f37e61d5b94a03ccce77d18440f069c8356612abea29b044e2789018eb
SSDEEP

6144:Lcm4FmowdHoSHt251UriZFwfsDX2UznsaFVNJCMKAbeRO:R4wFHoSHYHUrAwfMp3CDRO

Score

10^/10

blackmoon banker discovery trojan upx

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

4ccaca10d878daadbf4cf83be9561206691fc89dee26ac027c78eddefb88228d.exe

Resource

win7-20241023-en

blackmoon banker discovery trojan upx

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

4ccaca10d878daadbf4cf83be9561206691fc89dee26ac027c78eddefb88228d.exe

Resource

win10v2004-20241007-en

blackmoon banker discovery trojan upx

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Targets

- Target
  
  4ccaca10d878daadbf4cf83be9561206691fc89dee26ac027c78eddefb88228d
- Size
  
  334KB
- MD5
  
  a3dbbd28f2a2d907d8b5433ae6909a96
- SHA1
  
  7a479aea6032abb1c4b75ab2c576fcf5856f1f1d
- SHA256
  
  4ccaca10d878daadbf4cf83be9561206691fc89dee26ac027c78eddefb88228d
- SHA512
  
  29edaa4cd14c9de5d037bb81f01ae52a650334d18f7b1dcab80047d696a70df2d9bf46f37e61d5b94a03ccce77d18440f069c8356612abea29b044e2789018eb
- SSDEEP
  
  6144:Lcm4FmowdHoSHt251UriZFwfsDX2UznsaFVNJCMKAbeRO:R4wFHoSHYHUrAwfMp3CDRO
Score

10^/10

blackmoon banker discovery trojan upx
- Blackmoon family
  blackmoon
- Blackmoon, KrBanker
  Blackmoon also known as KrBanker is banking trojan first discovered in early 2014.
  trojan banker blackmoon
- Detect Blackmoon payload
- Executes dropped EXE
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

blackmoonbankerdiscoverytrojanupx

behavioral2

blackmoonbankerdiscoverytrojanupx

© 2018-2024

Terms | Privacy