blackmoon | 926847c64bbe37f6f2dd316ed6339a8dcebb78cbadb7a8828cb1ff068dc2f8e5 | Triage

Submit
Reports

Overview

overview

Static

static

3

926847c64b...e5.exe

windows7-x64

926847c64b...e5.exe

windows10-2004-x64

Sharing

General

Target

926847c64bbe37f6f2dd316ed6339a8dcebb78cbadb7a8828cb1ff068dc2f8e5
Size

453KB
Sample

241122-chfs5ssjgs
MD5

f0669a0ecc6efac4e3159d57b9ce7ee9
SHA1

6e9abbd2a5e52fb8dd8023332cc7f593c2bf6798
SHA256

926847c64bbe37f6f2dd316ed6339a8dcebb78cbadb7a8828cb1ff068dc2f8e5
SHA512

3b46cfe494247febf41d5d9edd315ab01e0081eb21a7d678e44378a10434eae33d53b35295d481cf9ccae7cd32fa497f9869be5dbc974339d88eb48e01bcdaf0
SSDEEP

6144:8cm7ImGddXmNt251UriZFwfsDX2UznsaFVNJCMKAbeV:q7Tc2NYHUrAwfMp3CDV

Score

10^/10

blackmoon banker discovery trojan upx

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

926847c64bbe37f6f2dd316ed6339a8dcebb78cbadb7a8828cb1ff068dc2f8e5.exe

Resource

win7-20241010-en

blackmoon banker discovery trojan upx

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

926847c64bbe37f6f2dd316ed6339a8dcebb78cbadb7a8828cb1ff068dc2f8e5.exe

Resource

win10v2004-20241007-en

blackmoon banker discovery trojan upx

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Targets

- Target
  
  926847c64bbe37f6f2dd316ed6339a8dcebb78cbadb7a8828cb1ff068dc2f8e5
- Size
  
  453KB
- MD5
  
  f0669a0ecc6efac4e3159d57b9ce7ee9
- SHA1
  
  6e9abbd2a5e52fb8dd8023332cc7f593c2bf6798
- SHA256
  
  926847c64bbe37f6f2dd316ed6339a8dcebb78cbadb7a8828cb1ff068dc2f8e5
- SHA512
  
  3b46cfe494247febf41d5d9edd315ab01e0081eb21a7d678e44378a10434eae33d53b35295d481cf9ccae7cd32fa497f9869be5dbc974339d88eb48e01bcdaf0
- SSDEEP
  
  6144:8cm7ImGddXmNt251UriZFwfsDX2UznsaFVNJCMKAbeV:q7Tc2NYHUrAwfMp3CDV
Score

10^/10

blackmoon banker discovery trojan upx
- Blackmoon family
  blackmoon
- Blackmoon, KrBanker
  Blackmoon also known as KrBanker is banking trojan first discovered in early 2014.
  trojan banker blackmoon
- Detect Blackmoon payload
- Executes dropped EXE
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

blackmoonbankerdiscoverytrojanupx

behavioral2

blackmoonbankerdiscoverytrojanupx

© 2018-2024

Terms | Privacy