blackmoon | 7f64ff1d4813dfe2e0da443ab23eb2a3cf4bbaa19defc8e391790ff012dafa0e | Triage

Submit
Reports

Overview

overview

Static

static

3

7f64ff1d48...0e.exe

windows7-x64

7f64ff1d48...0e.exe

windows10-2004-x64

Sharing

General

Target

7f64ff1d4813dfe2e0da443ab23eb2a3cf4bbaa19defc8e391790ff012dafa0e.exe
Size

74KB
Sample

241123-qklztssjal
MD5

c9cc7f43112a69992bd5c7adc86f70ef
SHA1

24bcfef4c7440ae54398e9915ee3c9643da57ca6
SHA256

7f64ff1d4813dfe2e0da443ab23eb2a3cf4bbaa19defc8e391790ff012dafa0e
SHA512

569d4305f4fc15aecd0475c7e5b03207567508aa3366d62e6939d60794084f48dc9232bf44e6d1e8e85bb70043b0df34b2cac08299d0f9b813842dbd91064444
SSDEEP

1536:9Q8hoOAesfYvcyjfS3H9yl8Q1pmdBcxedLxNDWiekja1br3GGBxfot3eD:ymb3NkkiQ3mdBjFWXkj7afo6

Score

10^/10

blackmoon banker discovery trojan upx

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

7f64ff1d4813dfe2e0da443ab23eb2a3cf4bbaa19defc8e391790ff012dafa0e.exe

Resource

win7-20240903-en

blackmoon banker discovery trojan upx

windows7-x64

7 signatures

120 seconds

Behavioral task

behavioral2

Sample

7f64ff1d4813dfe2e0da443ab23eb2a3cf4bbaa19defc8e391790ff012dafa0e.exe

Resource

win10v2004-20241007-en

blackmoon banker discovery trojan upx

windows10-2004-x64

7 signatures

120 seconds

Malware Config

Targets

- Target
  
  7f64ff1d4813dfe2e0da443ab23eb2a3cf4bbaa19defc8e391790ff012dafa0e.exe
- Size
  
  74KB
- MD5
  
  c9cc7f43112a69992bd5c7adc86f70ef
- SHA1
  
  24bcfef4c7440ae54398e9915ee3c9643da57ca6
- SHA256
  
  7f64ff1d4813dfe2e0da443ab23eb2a3cf4bbaa19defc8e391790ff012dafa0e
- SHA512
  
  569d4305f4fc15aecd0475c7e5b03207567508aa3366d62e6939d60794084f48dc9232bf44e6d1e8e85bb70043b0df34b2cac08299d0f9b813842dbd91064444
- SSDEEP
  
  1536:9Q8hoOAesfYvcyjfS3H9yl8Q1pmdBcxedLxNDWiekja1br3GGBxfot3eD:ymb3NkkiQ3mdBjFWXkj7afo6
Score

10^/10

blackmoon banker discovery trojan upx
- Blackmoon family
  blackmoon
- Blackmoon, KrBanker
  Blackmoon also known as KrBanker is banking trojan first discovered in early 2014.
  trojan banker blackmoon
- Detect Blackmoon payload
- Executes dropped EXE
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

blackmoonbankerdiscoverytrojanupx

behavioral2

blackmoonbankerdiscoverytrojanupx

© 2018-2024

Terms | Privacy