blackmoon | 60a57ed2becb72c57c00de8ec810eef2d948fcf72c8a4e84dfa9364286ccce98 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

7

60a57ed2be...98.exe

windows7-x64

60a57ed2be...98.exe

windows10-2004-x64

Sharing

General

Target

60a57ed2becb72c57c00de8ec810eef2d948fcf72c8a4e84dfa9364286ccce98
Size

1.9MB
Sample

231008-kcq1xsag9v
MD5

d0e343541a4de59af20e512b9a31deda
SHA1

534c89486fdd1ef1a30d5e01b4b5e4e159462405
SHA256

60a57ed2becb72c57c00de8ec810eef2d948fcf72c8a4e84dfa9364286ccce98
SHA512

748e7a6e18416fe5d37c140479e26f156e43200297600cce97970d909b954e4ae4751326d67d2d1decdc144ef6242bdd34971b2b72f0597981354e856efe6ee4
SSDEEP

49152:rGZ6AR0vIkbpHDZk3nMWLcHphCZ3YLq+WLLP:SZ6/wkbtS3nZaTM3YLLWL

Score

10^/10

blackmoon aspackv2 banker evasion trojan upx

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

60a57ed2becb72c57c00de8ec810eef2d948fcf72c8a4e84dfa9364286ccce98.exe

Resource

win7-20230831-en

blackmoon banker evasion trojan upx

windows7-x64

11 signatures

150 seconds

Behavioral task

behavioral2

Sample

60a57ed2becb72c57c00de8ec810eef2d948fcf72c8a4e84dfa9364286ccce98.exe

Resource

win10v2004-20230915-en

blackmoon banker evasion trojan upx

windows10-2004-x64

10 signatures

150 seconds

Malware Config

Targets

- Target
  
  60a57ed2becb72c57c00de8ec810eef2d948fcf72c8a4e84dfa9364286ccce98
- Size
  
  1.9MB
- MD5
  
  d0e343541a4de59af20e512b9a31deda
- SHA1
  
  534c89486fdd1ef1a30d5e01b4b5e4e159462405
- SHA256
  
  60a57ed2becb72c57c00de8ec810eef2d948fcf72c8a4e84dfa9364286ccce98
- SHA512
  
  748e7a6e18416fe5d37c140479e26f156e43200297600cce97970d909b954e4ae4751326d67d2d1decdc144ef6242bdd34971b2b72f0597981354e856efe6ee4
- SSDEEP
  
  49152:rGZ6AR0vIkbpHDZk3nMWLcHphCZ3YLq+WLLP:SZ6/wkbtS3nZaTM3YLLWL
Score

10^/10

blackmoon banker evasion trojan upx
- Blackmoon, KrBanker
  Blackmoon also known as KrBanker is banking trojan first discovered in early 2014.
  trojan banker blackmoon
- Detect Blackmoon payload
- UAC bypass
  evasion trojan
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Abuse Elevation Control Mechanism

Bypass User Account Control

Defense Evasion

Abuse Elevation Control Mechanism

Bypass User Account Control

Impair Defenses

Disable or Modify Tools

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

blackmoonbankerevasiontrojanupx

behavioral2

blackmoonbankerevasiontrojanupx

© 2018-2025

Terms | Privacy