blackmoon | f3bfda0b2e20813b00d9395fbfcfbe8e3f07e8005b205fda1a34323c8b40bdfd | Triage

Sharing

General

Target

928a697377a99794f0bd54c722b49003_JaffaCakes118
Size

21KB
Sample

241124-ezb8dstncy
MD5

928a697377a99794f0bd54c722b49003
SHA1

beb94e19a8224d30096f8f8ace7241dbbef7a32a
SHA256

f3bfda0b2e20813b00d9395fbfcfbe8e3f07e8005b205fda1a34323c8b40bdfd
SHA512

0cfe71c3fe9e32f4c98d89f28b4b5c6d74975eae7e37bdeccbb6b9d0b9557e56007bab2085b399efe9abe84fea8bf952bb9630fecc0ddc716f49868a48dc714d
SSDEEP

384:UVsH0dwo9FE2mZT4/YaJCEN/ZP/O3j+vNQeO6IZE73yeod48BlWY/VH+:UmUdwo9FE2OTI9Cu1AKvl5+i3kPBl3H+

Score

10^/10

blackmoon banker discovery trojan

Malware Config

Targets

- Target
  
  928a697377a99794f0bd54c722b49003_JaffaCakes118
- Size
  
  21KB
- MD5
  
  928a697377a99794f0bd54c722b49003
- SHA1
  
  beb94e19a8224d30096f8f8ace7241dbbef7a32a
- SHA256
  
  f3bfda0b2e20813b00d9395fbfcfbe8e3f07e8005b205fda1a34323c8b40bdfd
- SHA512
  
  0cfe71c3fe9e32f4c98d89f28b4b5c6d74975eae7e37bdeccbb6b9d0b9557e56007bab2085b399efe9abe84fea8bf952bb9630fecc0ddc716f49868a48dc714d
- SSDEEP
  
  384:UVsH0dwo9FE2mZT4/YaJCEN/ZP/O3j+vNQeO6IZE73yeod48BlWY/VH+:UmUdwo9FE2OTI9Cu1AKvl5+i3kPBl3H+
Score

10^/10

blackmoon banker discovery trojan
- Blackmoon family
  blackmoon
- Blackmoon, KrBanker
  Blackmoon also known as KrBanker is banking trojan first discovered in early 2014.
  trojan banker blackmoon
- Detect Blackmoon payload
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

blackmoonbankerdiscoverytrojan

behavioral2