blackmoon | ec7c684c0fb0fa8d61f5304e0531ab82fa7ef356a00d808072d0d47c833eceb4 | Triage

Submit
Reports

Overview

overview

Static

static

7

ec7c684c0f...b4.exe

windows7-x64

ec7c684c0f...b4.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

Target

ec7c684c0fb0fa8d61f5304e0531ab82fa7ef356a00d808072d0d47c833eceb4
Size

1.4MB
Sample

231125-fl7yksgf98
MD5

740f5a2470924adf6f235521d5e84291
SHA1

2022bf39ee0205ac548e74a378ba17c0f62a8b54
SHA256

ec7c684c0fb0fa8d61f5304e0531ab82fa7ef356a00d808072d0d47c833eceb4
SHA512

71abf1aa6cc5a08fde97eaef537d83f321b12ec6f8ae69686848671ed31f5e75a1c0cfb92e656f0fc428e88c05ca0f6bd86e53b421fd38923f8cdc08db475cad
SSDEEP

24576:HJtykDzVdMYeIq3xDwj+A9Q3PZhTHetfW41MMTjZn73T6ofhXrc5266BH6cQqqs8:PyIzrderhvZlqxfhX+kacpAZI7xg

Score

10^/10

blackmoon banker trojan upx

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

ec7c684c0fb0fa8d61f5304e0531ab82fa7ef356a00d808072d0d47c833eceb4.exe

Resource

win7-20231020-en

blackmoon banker trojan upx

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

ec7c684c0fb0fa8d61f5304e0531ab82fa7ef356a00d808072d0d47c833eceb4.exe

Resource

win10v2004-20231023-en

blackmoon banker trojan upx

windows10-2004-x64

8 signatures

150 seconds

Malware Config

Targets

- Target
  
  ec7c684c0fb0fa8d61f5304e0531ab82fa7ef356a00d808072d0d47c833eceb4
- Size
  
  1.4MB
- MD5
  
  740f5a2470924adf6f235521d5e84291
- SHA1
  
  2022bf39ee0205ac548e74a378ba17c0f62a8b54
- SHA256
  
  ec7c684c0fb0fa8d61f5304e0531ab82fa7ef356a00d808072d0d47c833eceb4
- SHA512
  
  71abf1aa6cc5a08fde97eaef537d83f321b12ec6f8ae69686848671ed31f5e75a1c0cfb92e656f0fc428e88c05ca0f6bd86e53b421fd38923f8cdc08db475cad
- SSDEEP
  
  24576:HJtykDzVdMYeIq3xDwj+A9Q3PZhTHetfW41MMTjZn73T6ofhXrc5266BH6cQqqs8:PyIzrderhvZlqxfhX+kacpAZI7xg
Score

10^/10

blackmoon banker trojan upx
- Blackmoon, KrBanker
  Blackmoon also known as KrBanker is banking trojan first discovered in early 2014.
  trojan banker blackmoon
- Detect Blackmoon payload
- ACProtect 1.3x - 1.4x DLL software
  Detects file using ACProtect software.
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

blackmoonbankertrojanupx

behavioral2

blackmoonbankertrojanupx

© 2018-2025

Terms | Privacy