blackmoon | 213f5dae4243fc5b09381cc91b9f99403422b9e73d92a4f59c14d0cdc2d807fa | Triage

Submit
Reports

Overview

overview

Static

static

213f5dae42...fa.exe

windows7-x64

213f5dae42...fa.exe

windows10-2004-x64

Sharing

General

Target

213f5dae4243fc5b09381cc91b9f99403422b9e73d92a4f59c14d0cdc2d807fa
Size

1.6MB
Sample

241227-y9qnbayrdw
MD5

856cd3c2647f6d44b6922faed39b7d85
SHA1

cf4b6fd39905230dc7a8dbc6f097f17ac04d7379
SHA256

213f5dae4243fc5b09381cc91b9f99403422b9e73d92a4f59c14d0cdc2d807fa
SHA512

b5b81c9b3f82cc5512db8458792a8b112fb427efab4ea0c95ea84a4c51339efbfbed7796f746e187f26039698328a68bce76d44156daa4d530785ca433af2a53
SSDEEP

24576:OrtSzyNr05PcgOzXQleqH7jJ34vNkzU9DbdYrN/IyX5iICqBh3SWgSklWny5:OY60WXkTjF4veUUrN/IycI7BST1Wny5

Score

10^/10

blackmoon banker discovery trojan

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

213f5dae4243fc5b09381cc91b9f99403422b9e73d92a4f59c14d0cdc2d807fa.exe

Resource

win7-20240903-en

blackmoon banker discovery trojan

windows7-x64

12 signatures

150 seconds

Behavioral task

behavioral2

Sample

213f5dae4243fc5b09381cc91b9f99403422b9e73d92a4f59c14d0cdc2d807fa.exe

Resource

win10v2004-20241007-en

blackmoon banker discovery trojan

windows10-2004-x64

11 signatures

150 seconds

Malware Config

Targets

- Target
  
  213f5dae4243fc5b09381cc91b9f99403422b9e73d92a4f59c14d0cdc2d807fa
- Size
  
  1.6MB
- MD5
  
  856cd3c2647f6d44b6922faed39b7d85
- SHA1
  
  cf4b6fd39905230dc7a8dbc6f097f17ac04d7379
- SHA256
  
  213f5dae4243fc5b09381cc91b9f99403422b9e73d92a4f59c14d0cdc2d807fa
- SHA512
  
  b5b81c9b3f82cc5512db8458792a8b112fb427efab4ea0c95ea84a4c51339efbfbed7796f746e187f26039698328a68bce76d44156daa4d530785ca433af2a53
- SSDEEP
  
  24576:OrtSzyNr05PcgOzXQleqH7jJ34vNkzU9DbdYrN/IyX5iICqBh3SWgSklWny5:OY60WXkTjF4veUUrN/IycI7BST1Wny5
Score

10^/10

blackmoon banker discovery trojan
- Blackmoon family
  blackmoon
- Blackmoon, KrBanker
  Blackmoon also known as KrBanker is banking trojan first discovered in early 2014.
  trojan banker blackmoon
- Detect Blackmoon payload
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

blackmoonbankerdiscoverytrojan

behavioral2

blackmoonbankerdiscoverytrojan

© 2018-2025

Terms | Privacy