blackmoon | 0cf826c1d9c49f4348a2466120849e48c8092ba525493be51709ddd33762cd00 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

0cf826c1d9...00.dll

windows7-x64

0cf826c1d9...00.dll

windows10-2004-x64

Sharing

General

Target

0cf826c1d9c49f4348a2466120849e48c8092ba525493be51709ddd33762cd00
Size

80KB
Sample

221019-3lg4gsdcfq
MD5

91736a6edf7ba0ff3883de008c6dd1ee
SHA1

97d8a09de7272e7b8b74df5e402aa3620b7307e7
SHA256

0cf826c1d9c49f4348a2466120849e48c8092ba525493be51709ddd33762cd00
SHA512

41bfa5f8d8dcedb6c63e0360ad5d4fcf8de23d38a7df037a325a7155d650cad3104acf691674d7b1eebaf9db34739c83463f9ec9df000390a763efdba6ed45f3
SSDEEP

768:TmvT5hPKXIm//39QqUCaNadrla2sI5ccdmGLkiGuWxZ:cH5m/P9xUCDdrY2s9QZ4xZ

Score

10^/10

blackmoon banker trojan

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

0cf826c1d9c49f4348a2466120849e48c8092ba525493be51709ddd33762cd00.dll

Resource

win7-20220812-en

blackmoon banker trojan

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral2

Sample

0cf826c1d9c49f4348a2466120849e48c8092ba525493be51709ddd33762cd00.dll

Resource

win10v2004-20220812-en

blackmoon banker trojan

windows10-2004-x64

4 signatures

150 seconds

Malware Config

Targets

- Target
  
  0cf826c1d9c49f4348a2466120849e48c8092ba525493be51709ddd33762cd00
- Size
  
  80KB
- MD5
  
  91736a6edf7ba0ff3883de008c6dd1ee
- SHA1
  
  97d8a09de7272e7b8b74df5e402aa3620b7307e7
- SHA256
  
  0cf826c1d9c49f4348a2466120849e48c8092ba525493be51709ddd33762cd00
- SHA512
  
  41bfa5f8d8dcedb6c63e0360ad5d4fcf8de23d38a7df037a325a7155d650cad3104acf691674d7b1eebaf9db34739c83463f9ec9df000390a763efdba6ed45f3
- SSDEEP
  
  768:TmvT5hPKXIm//39QqUCaNadrla2sI5ccdmGLkiGuWxZ:cH5m/P9xUCDdrY2s9QZ4xZ
Score

10^/10

blackmoon banker trojan
- Blackmoon, KrBanker
  Blackmoon also known as KrBanker is banking trojan first discovered in early 2014.
  trojan banker blackmoon
- Detect Blackmoon payload
- Blocklisted process makes network request
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Install Root Certificate

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

blackmoonbankertrojan

behavioral2

blackmoonbankertrojan

© 2018-2025

Terms | Privacy