blackmoon | ef82f37bd19aa33843c0fba9cf6661961e8eb271fe8e6c503a32bb5aacaa0b31 | Triage

Submit
Reports

Overview

overview

Static

static

3

ef82f37bd1...31.exe

windows7-x64

ef82f37bd1...31.exe

windows10-2004-x64

Sharing

General

Target

ef82f37bd19aa33843c0fba9cf6661961e8eb271fe8e6c503a32bb5aacaa0b31
Size

2.2MB
Sample

241122-w72lpawkhs
MD5

863b6101c87ee79deae663fbf29ca9d8
SHA1

97b1118f25c65250558bb5a56096b68cb47f05e7
SHA256

ef82f37bd19aa33843c0fba9cf6661961e8eb271fe8e6c503a32bb5aacaa0b31
SHA512

8d17eccd4be7b68bf9667bd482ce4e5a29cf3210ad0056c9e40f0800d2c83ddcf6690e178d17d991ffb9ef9e4b79d75abeedf40ffff0ddbd5730e76aef7a76f0
SSDEEP

49152:V4X55hPwULkM4/XEuGP0vbutak05JJhpjLefDxMROcXcl:V4XRPrv4/9tb5JJhNKL5c

Score

10^/10

blackmoon banker discovery trojan

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

ef82f37bd19aa33843c0fba9cf6661961e8eb271fe8e6c503a32bb5aacaa0b31.exe

Resource

win7-20241010-en

blackmoon banker discovery trojan

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral2

Sample

ef82f37bd19aa33843c0fba9cf6661961e8eb271fe8e6c503a32bb5aacaa0b31.exe

Resource

win10v2004-20241007-en

blackmoon banker discovery trojan

windows10-2004-x64

5 signatures

150 seconds

Malware Config

Targets

- Target
  
  ef82f37bd19aa33843c0fba9cf6661961e8eb271fe8e6c503a32bb5aacaa0b31
- Size
  
  2.2MB
- MD5
  
  863b6101c87ee79deae663fbf29ca9d8
- SHA1
  
  97b1118f25c65250558bb5a56096b68cb47f05e7
- SHA256
  
  ef82f37bd19aa33843c0fba9cf6661961e8eb271fe8e6c503a32bb5aacaa0b31
- SHA512
  
  8d17eccd4be7b68bf9667bd482ce4e5a29cf3210ad0056c9e40f0800d2c83ddcf6690e178d17d991ffb9ef9e4b79d75abeedf40ffff0ddbd5730e76aef7a76f0
- SSDEEP
  
  49152:V4X55hPwULkM4/XEuGP0vbutak05JJhpjLefDxMROcXcl:V4XRPrv4/9tb5JJhNKL5c
Score

10^/10

blackmoon banker discovery trojan
- Blackmoon family
  blackmoon
- Blackmoon, KrBanker
  Blackmoon also known as KrBanker is banking trojan first discovered in early 2014.
  trojan banker blackmoon
- Detect Blackmoon payload
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

blackmoonbankerdiscoverytrojan

behavioral2

blackmoonbankerdiscoverytrojan

© 2018-2024

Terms | Privacy