Overview

overview

10

Static

static

5

8a4bd9b703...c3.exe

windows7-x64

10

8a4bd9b703...c3.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    8a4bd9b703c2e89b17e7a180cb57b3e287cafad8e9f53df6f6914240048af2c3.exe

  • Size

    79KB

  • Sample

    241218-2e2c4svkhx

  • MD5

    cb863cf8e93ff7a43298f94c189444f3

  • SHA1

    3588f9310b77dbf1090386779171d43b3650f89e

  • SHA256

    8a4bd9b703c2e89b17e7a180cb57b3e287cafad8e9f53df6f6914240048af2c3

  • SHA512

    449141698b3ab7120a47c017e3c2c91b2df0874e0916db01ac9fd6c123684116006c8112987981807f664c2298e00ed911efddd0c8dc047bb03804d120221841

  • SSDEEP

    1536:xvQBeOGtrYS3srx93UBWfwC6Ggnouy82F13w1rCJtzx8/p7ke2B:xhOmTsF93UYfwC6GIout03LzGFE

Score
10/10
blackmoonbankerdiscoverytrojanupx

Malware Config

Targets

    • Target

      8a4bd9b703c2e89b17e7a180cb57b3e287cafad8e9f53df6f6914240048af2c3.exe

    • Size

      79KB

    • MD5

      cb863cf8e93ff7a43298f94c189444f3

    • SHA1

      3588f9310b77dbf1090386779171d43b3650f89e

    • SHA256

      8a4bd9b703c2e89b17e7a180cb57b3e287cafad8e9f53df6f6914240048af2c3

    • SHA512

      449141698b3ab7120a47c017e3c2c91b2df0874e0916db01ac9fd6c123684116006c8112987981807f664c2298e00ed911efddd0c8dc047bb03804d120221841

    • SSDEEP

      1536:xvQBeOGtrYS3srx93UBWfwC6Ggnouy82F13w1rCJtzx8/p7ke2B:xhOmTsF93UYfwC6GIout03LzGFE

    Score
    10/10
    blackmoonbankerdiscoverytrojanupx

    • Blackmoon family

      blackmoon

    • Blackmoon, KrBanker

      Blackmoon also known as KrBanker is banking trojan first discovered in early 2014.

      trojanbankerblackmoon

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks