blackmoon | 93d6b0f5ae6efa4e5bae7c1299bbbc45f56e6fc98e0c920d2c403ed6d1b3061f | Triage

Submit
Reports

Overview

overview

Static

static

93d6b0f5ae...fN.exe

windows7-x64

93d6b0f5ae...fN.exe

windows10-2004-x64

Sharing

General

Target

93d6b0f5ae6efa4e5bae7c1299bbbc45f56e6fc98e0c920d2c403ed6d1b3061fN.exe
Size

1.6MB
Sample

241124-kn2a2aylgm
MD5

d65cb0200ab0c58bdac3c83727f8bb00
SHA1

418f7071f1b36c96db4573c6b477de8572af631e
SHA256

93d6b0f5ae6efa4e5bae7c1299bbbc45f56e6fc98e0c920d2c403ed6d1b3061f
SHA512

843b4fc6bc7423eb6eac4109e314f88878a483fbf370d54ce4d242297e264703fdcba060c55798ae571517c8711d5f568f531035a612d2bdd071e621f4911eb0
SSDEEP

24576:CrtSzyNr05PcgOzXQleqH7jJ34vNkzU9DbdYrN/IyX5iICqBh3SWgSklWnyu:CY60WXkTjF4veUUrN/IycI7BST1Wnyu

Score

10^/10

blackmoon banker discovery trojan

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

93d6b0f5ae6efa4e5bae7c1299bbbc45f56e6fc98e0c920d2c403ed6d1b3061fN.exe

Resource

win7-20240903-en

blackmoon banker discovery trojan

windows7-x64

12 signatures

120 seconds

Behavioral task

behavioral2

Sample

93d6b0f5ae6efa4e5bae7c1299bbbc45f56e6fc98e0c920d2c403ed6d1b3061fN.exe

Resource

win10v2004-20241007-en

blackmoon banker discovery trojan

windows10-2004-x64

11 signatures

120 seconds

Malware Config

Targets

- Target
  
  93d6b0f5ae6efa4e5bae7c1299bbbc45f56e6fc98e0c920d2c403ed6d1b3061fN.exe
- Size
  
  1.6MB
- MD5
  
  d65cb0200ab0c58bdac3c83727f8bb00
- SHA1
  
  418f7071f1b36c96db4573c6b477de8572af631e
- SHA256
  
  93d6b0f5ae6efa4e5bae7c1299bbbc45f56e6fc98e0c920d2c403ed6d1b3061f
- SHA512
  
  843b4fc6bc7423eb6eac4109e314f88878a483fbf370d54ce4d242297e264703fdcba060c55798ae571517c8711d5f568f531035a612d2bdd071e621f4911eb0
- SSDEEP
  
  24576:CrtSzyNr05PcgOzXQleqH7jJ34vNkzU9DbdYrN/IyX5iICqBh3SWgSklWnyu:CY60WXkTjF4veUUrN/IycI7BST1Wnyu
Score

10^/10

blackmoon banker discovery trojan
- Blackmoon family
  blackmoon
- Blackmoon, KrBanker
  Blackmoon also known as KrBanker is banking trojan first discovered in early 2014.
  trojan banker blackmoon
- Detect Blackmoon payload
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

blackmoonbankerdiscoverytrojan

behavioral2

blackmoonbankerdiscoverytrojan

© 2018-2024

Terms | Privacy