blackmoon | 1059e3f9885ba44e386bfdccb4dffffb72cd1ac52617b408987a46f17f8f713a | Triage

Submit
Reports

Overview

overview

Static

static

3

1059e3f988...3a.exe

windows7-x64

1059e3f988...3a.exe

windows10-2004-x64

Sharing

General

Target

1059e3f9885ba44e386bfdccb4dffffb72cd1ac52617b408987a46f17f8f713a
Size

453KB
Sample

241222-yhqt1axnbk
MD5

309cf5664152150b0b76a54ada527794
SHA1

0590568a2a5433d59efd56c36ab8bc5009486cc5
SHA256

1059e3f9885ba44e386bfdccb4dffffb72cd1ac52617b408987a46f17f8f713a
SHA512

44af26fcee99182cbb09695fca3f8f6b4a7d2d053dd9ac8c8ac9ec319781191631aae9ac28d7a781b597423de438ea2f99b19d2d4aa8d2f55f693a25daa24c43
SSDEEP

6144:8cm7ImGddXmNt251UriZFwfsDX2UznsaFVNJCMKAbeU:q7Tc2NYHUrAwfMp3CDU

Score

10^/10

blackmoon banker discovery trojan upx

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

1059e3f9885ba44e386bfdccb4dffffb72cd1ac52617b408987a46f17f8f713a.exe

Resource

win7-20241023-en

blackmoon banker discovery trojan upx

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

1059e3f9885ba44e386bfdccb4dffffb72cd1ac52617b408987a46f17f8f713a.exe

Resource

win10v2004-20241007-en

blackmoon banker discovery trojan upx

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Targets

- Target
  
  1059e3f9885ba44e386bfdccb4dffffb72cd1ac52617b408987a46f17f8f713a
- Size
  
  453KB
- MD5
  
  309cf5664152150b0b76a54ada527794
- SHA1
  
  0590568a2a5433d59efd56c36ab8bc5009486cc5
- SHA256
  
  1059e3f9885ba44e386bfdccb4dffffb72cd1ac52617b408987a46f17f8f713a
- SHA512
  
  44af26fcee99182cbb09695fca3f8f6b4a7d2d053dd9ac8c8ac9ec319781191631aae9ac28d7a781b597423de438ea2f99b19d2d4aa8d2f55f693a25daa24c43
- SSDEEP
  
  6144:8cm7ImGddXmNt251UriZFwfsDX2UznsaFVNJCMKAbeU:q7Tc2NYHUrAwfMp3CDU
Score

10^/10

blackmoon banker discovery trojan upx
- Blackmoon family
  blackmoon
- Blackmoon, KrBanker
  Blackmoon also known as KrBanker is banking trojan first discovered in early 2014.
  trojan banker blackmoon
- Detect Blackmoon payload
- Executes dropped EXE
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

blackmoonbankerdiscoverytrojanupx

behavioral2

blackmoonbankerdiscoverytrojanupx

© 2018-2024

Terms | Privacy