Overview

overview

10

Static

static

5

ccb3bacaf8...93.exe

windows7-x64

10

ccb3bacaf8...93.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    ccb3bacaf837b42216177f0b670088d8ebfae2906f5a8afd59167a8e1fb35193

  • Size

    11.3MB

  • Sample

    241220-qc1g9axlel

  • MD5

    527d418380b0e7abe98d699458c8a73d

  • SHA1

    e91358f1ea03727bbf4e1fc16c4e544fb04ae9e0

  • SHA256

    ccb3bacaf837b42216177f0b670088d8ebfae2906f5a8afd59167a8e1fb35193

  • SHA512

    ad44c91b5e0aadd11bacd79d1d442c68780dffe4538b9563e5cc940a5bef667277da92692e2b4706e60044bee32ea9d73392d9ced7207b0f6d0834052377e518

  • SSDEEP

    196608:l1AJb80lqV+MKoZqbfCJ22zUVAmKCOhjSG9xMNp2LQ99jFx+NE51hANP6MoFfAm3:LAJb80AVAI2mUVAmqSYxdk2ohaP6MmYk

Score
10/10
blackmoonbankerdiscoveryphishingtrojanupx

Malware Config

Targets

    • Target

      ccb3bacaf837b42216177f0b670088d8ebfae2906f5a8afd59167a8e1fb35193

    • Size

      11.3MB

    • MD5

      527d418380b0e7abe98d699458c8a73d

    • SHA1

      e91358f1ea03727bbf4e1fc16c4e544fb04ae9e0

    • SHA256

      ccb3bacaf837b42216177f0b670088d8ebfae2906f5a8afd59167a8e1fb35193

    • SHA512

      ad44c91b5e0aadd11bacd79d1d442c68780dffe4538b9563e5cc940a5bef667277da92692e2b4706e60044bee32ea9d73392d9ced7207b0f6d0834052377e518

    • SSDEEP

      196608:l1AJb80lqV+MKoZqbfCJ22zUVAmKCOhjSG9xMNp2LQ99jFx+NE51hANP6MoFfAm3:LAJb80AVAI2mUVAmqSYxdk2ohaP6MmYk

    Score
    10/10
    blackmoonbankerdiscoveryphishingtrojanupx

    • Blackmoon family

      blackmoon

    • Blackmoon, KrBanker

      Blackmoon also known as KrBanker is banking trojan first discovered in early 2014.

      trojanbankerblackmoon

    • Detect Blackmoon payload

    • A potential corporate email address has been identified in the URL: png@3x

      phishing

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks