blackmoon | b36ae4650f0f0b90de1d44c92ebfe62b4ae3f251f94b47eb23e7ef42327b10ad | Triage

Submit
Reports

Overview

overview

Static

static

b36ae4650f...ad.exe

windows7-x64

b36ae4650f...ad.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

Target

b36ae4650f0f0b90de1d44c92ebfe62b4ae3f251f94b47eb23e7ef42327b10ad
Size

4.7MB
Sample

230825-bc6xpsgc93
MD5

499d95061f627d4ed10f30e5a10a225a
SHA1

4a05f5184c8871daabc0287e4f3a4384fe696881
SHA256

b36ae4650f0f0b90de1d44c92ebfe62b4ae3f251f94b47eb23e7ef42327b10ad
SHA512

78830c197319264ddb4529a8736a597a61416602950fd6874d7679c033feed273a9740017bbe474d5f975bcde7f2fb7cf6c4f40a741ce3ee9a78e4671057910c
SSDEEP

98304:JSDGLG+p1c0IHtUq5vGliH3YLfGGG2pLTuH+641C:JSDGLGW1c0IHtUYufk4o

Score

10^/10

blackmoon banker trojan upx

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

b36ae4650f0f0b90de1d44c92ebfe62b4ae3f251f94b47eb23e7ef42327b10ad.exe

Resource

win7-20230712-en

blackmoon banker trojan upx

windows7-x64

12 signatures

150 seconds

Behavioral task

behavioral2

Sample

b36ae4650f0f0b90de1d44c92ebfe62b4ae3f251f94b47eb23e7ef42327b10ad.exe

Resource

win10v2004-20230703-en

blackmoon banker trojan upx

windows10-2004-x64

10 signatures

150 seconds

Malware Config

Targets

- Target
  
  b36ae4650f0f0b90de1d44c92ebfe62b4ae3f251f94b47eb23e7ef42327b10ad
- Size
  
  4.7MB
- MD5
  
  499d95061f627d4ed10f30e5a10a225a
- SHA1
  
  4a05f5184c8871daabc0287e4f3a4384fe696881
- SHA256
  
  b36ae4650f0f0b90de1d44c92ebfe62b4ae3f251f94b47eb23e7ef42327b10ad
- SHA512
  
  78830c197319264ddb4529a8736a597a61416602950fd6874d7679c033feed273a9740017bbe474d5f975bcde7f2fb7cf6c4f40a741ce3ee9a78e4671057910c
- SSDEEP
  
  98304:JSDGLG+p1c0IHtUq5vGliH3YLfGGG2pLTuH+641C:JSDGLGW1c0IHtUYufk4o
Score

10^/10

blackmoon banker trojan upx
- Blackmoon, KrBanker
  Blackmoon also known as KrBanker is banking trojan first discovered in early 2014.
  trojan banker blackmoon
- Detect Blackmoon payload
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

blackmoonbankertrojanupx

behavioral2

blackmoonbankertrojanupx

© 2018-2025

Terms | Privacy