General

  • Target

    2024-11-22_722b5820f98f75c2360b814ec4c3e916_mafia

  • Size

    1.7MB

  • Sample

    241122-p5tdza1kgy

  • MD5

    722b5820f98f75c2360b814ec4c3e916

  • SHA1

    6473c9cd1eb5a2f5afaba5cb8acf1164d5cab8b6

  • SHA256

    ebd8af92ff62b01bd96c587835de9e2d8863ef5e4d12b8e031ff8d6973754b7d

  • SHA512

    9b4a6eba4a5c261739cd738c33b9edc77829b9822867f985037383aabef305a532d105a7452f4519ff92bfb44d04ddbd225ea5d2ab367246284b619cd0e2633f

  • SSDEEP

    49152:6+lYMoRzGVMOiMeGP0NaPNcp0sUPYu7UGHMke:RllylGcaepMAOsk

Malware Config

Targets

    • Blackmoon family

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • ACProtect 1.3x - 1.4x DLL software

      Detects a file protected with ACProtect software.

    • Drops startup file

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with the UPX (or a modified UPX) open source packer.

MITRE ATT&CK Enterprise v15

Tasks