blackmoon | e578ece9d42ad3675227135b2e33a9051d4a74c685e0f9c52c45bda1de0f7979 | Triage

Submit
Reports

Overview

overview

Static

static

c2a63e201c...18.exe

windows7-x64

c2a63e201c...18.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

Target

c2a63e201c604e65f66f53a8718f95a2_JaffaCakes118
Size

559KB
Sample

240404-ztxx5aac5t
MD5

c2a63e201c604e65f66f53a8718f95a2
SHA1

9de7331de57f6c0df6a5162b1e5f7bc11c42b714
SHA256

e578ece9d42ad3675227135b2e33a9051d4a74c685e0f9c52c45bda1de0f7979
SHA512

1d3ac2027d9194f8b6c2e66f1802ec60a40d84da203f931f52c8df8fe2f98400ffe5c877b535bd73a73f233f3ac2cb323be455fcf5049c987d5297f7d39613a8
SSDEEP

12288:fqGKl6bcNQSjEgkSiP8Lr2mFE66kjlKuJ9J7tfg+LRZq01Y:fNKl6b8JYgyP8WTGIuhZvPq

Score

10^/10

blackmoon banker trojan upx

Static task

static1

4 signatures

Behavioral task

behavioral1

Sample

c2a63e201c604e65f66f53a8718f95a2_JaffaCakes118.exe

Resource

win7-20240221-en

blackmoon banker trojan upx

windows7-x64

15 signatures

150 seconds

Behavioral task

behavioral2

Sample

c2a63e201c604e65f66f53a8718f95a2_JaffaCakes118.exe

Resource

win10v2004-20231215-en

blackmoon banker trojan upx

windows10-2004-x64

14 signatures

150 seconds

Malware Config

Targets

- Target
  
  c2a63e201c604e65f66f53a8718f95a2_JaffaCakes118
- Size
  
  559KB
- MD5
  
  c2a63e201c604e65f66f53a8718f95a2
- SHA1
  
  9de7331de57f6c0df6a5162b1e5f7bc11c42b714
- SHA256
  
  e578ece9d42ad3675227135b2e33a9051d4a74c685e0f9c52c45bda1de0f7979
- SHA512
  
  1d3ac2027d9194f8b6c2e66f1802ec60a40d84da203f931f52c8df8fe2f98400ffe5c877b535bd73a73f233f3ac2cb323be455fcf5049c987d5297f7d39613a8
- SSDEEP
  
  12288:fqGKl6bcNQSjEgkSiP8Lr2mFE66kjlKuJ9J7tfg+LRZq01Y:fNKl6b8JYgyP8WTGIuhZvPq
Score

10^/10

blackmoon banker trojan upx
- Blackmoon, KrBanker
  Blackmoon also known as KrBanker is banking trojan first discovered in early 2014.
  trojan banker blackmoon
- Detect Blackmoon payload
- Executes dropped EXE
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Remote System Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

blackmoonbankertrojanupx

behavioral2

blackmoonbankertrojanupx

© 2018-2025

Terms | Privacy