blackmoon | 7925d45cc967dae9833291616e782d799652625ae9d507adf7f2fc69d65b91b2 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

3

HEUR-Troja...ke.exe

windows7-x64

HEUR-Troja...ke.exe

windows10-2004-x64

Sharing

General

Target

HEUR-Trojan.Win32.Injuke.pef-7925d45cc967dae9833291616e782d799652625ae9d507adf7f2fc69d65b91b2
Size

210KB
Sample

240229-j1wewabb31
MD5

56e5c7ea909d7c745a4fd29fedb213c8
SHA1

dae65fadfaad427c37422ef30543551e8b632c3d
SHA256

7925d45cc967dae9833291616e782d799652625ae9d507adf7f2fc69d65b91b2
SHA512

ecb3ce14b288e39ec72b3393ab0fd669ea37686cfa715e5197cf0cbc57f73e53b7e4a803ad2a19a33ea7a01e597d0cd37afbfa5fffc0c9993e4d0c213db33828
SSDEEP

1536:wvQBeOGtrYSSsrc93UBIfdC67m6AJiqQfg3Cip8iXAsG5M0u5Yoz:whOm2sI93UufdC67cizfmCiiiXA6mm

Score

10^/10

blackmoon banker trojan upx

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

HEUR-Trojan.Win32.Injuke.exe

Resource

win7-20240221-en

blackmoon banker trojan upx

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

HEUR-Trojan.Win32.Injuke.exe

Resource

win10v2004-20240226-en

blackmoon banker trojan upx

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Targets

- Target
  
  HEUR-Trojan.Win32.Injuke.pef-7925d45cc967dae9833291616e782d799652625ae9d507adf7f2fc69d65b91b2
- Size
  
  210KB
- MD5
  
  56e5c7ea909d7c745a4fd29fedb213c8
- SHA1
  
  dae65fadfaad427c37422ef30543551e8b632c3d
- SHA256
  
  7925d45cc967dae9833291616e782d799652625ae9d507adf7f2fc69d65b91b2
- SHA512
  
  ecb3ce14b288e39ec72b3393ab0fd669ea37686cfa715e5197cf0cbc57f73e53b7e4a803ad2a19a33ea7a01e597d0cd37afbfa5fffc0c9993e4d0c213db33828
- SSDEEP
  
  1536:wvQBeOGtrYSSsrc93UBIfdC67m6AJiqQfg3Cip8iXAsG5M0u5Yoz:whOm2sI93UufdC67cizfmCiiiXA6mm
Score

10^/10

blackmoon banker trojan upx
- Blackmoon, KrBanker
  Blackmoon also known as KrBanker is banking trojan first discovered in early 2014.
  trojan banker blackmoon
- Detect Blackmoon payload
- UPX dump on OEP (original entry point)
- Executes dropped EXE
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

blackmoonbankertrojanupx

behavioral2

blackmoonbankertrojanupx

© 2018-2025

Terms | Privacy