blackmoon | b9fb48963b32c73b9364cd32daec47767777caf84b947466fc591422f4430f6a | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

3

b9fb48963b...6a.exe

windows7-x64

b9fb48963b...6a.exe

windows10-2004-x64

Sharing

General

Target

b9fb48963b32c73b9364cd32daec47767777caf84b947466fc591422f4430f6a
Size

139KB
Sample

240415-crf59sca42
MD5

78e8705be8c17f1ca1d8bbdca4c976e9
SHA1

22c53c6c9901edc845ec78c81bbc5521901db949
SHA256

b9fb48963b32c73b9364cd32daec47767777caf84b947466fc591422f4430f6a
SHA512

2936cbafa3a94b8a1481032a5af5095579d7b0340a920762a5f91f360ccbcaabbad5875732ee0d564b2adfc270374c360279f26ef14d71b5f362e14a22e7936f
SSDEEP

3072:ymb3NkkiQ3mdBjFomR7UsyJC+n0Gsgyek1a:n3C9BRomRph+0GsgyeYa

Score

10^/10

blackmoon banker trojan upx

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

b9fb48963b32c73b9364cd32daec47767777caf84b947466fc591422f4430f6a.exe

Resource

win7-20240221-en

blackmoon banker trojan upx

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

b9fb48963b32c73b9364cd32daec47767777caf84b947466fc591422f4430f6a.exe

Resource

win10v2004-20240412-en

blackmoon banker trojan upx

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Targets

- Target
  
  b9fb48963b32c73b9364cd32daec47767777caf84b947466fc591422f4430f6a
- Size
  
  139KB
- MD5
  
  78e8705be8c17f1ca1d8bbdca4c976e9
- SHA1
  
  22c53c6c9901edc845ec78c81bbc5521901db949
- SHA256
  
  b9fb48963b32c73b9364cd32daec47767777caf84b947466fc591422f4430f6a
- SHA512
  
  2936cbafa3a94b8a1481032a5af5095579d7b0340a920762a5f91f360ccbcaabbad5875732ee0d564b2adfc270374c360279f26ef14d71b5f362e14a22e7936f
- SSDEEP
  
  3072:ymb3NkkiQ3mdBjFomR7UsyJC+n0Gsgyek1a:n3C9BRomRph+0GsgyeYa
Score

10^/10

blackmoon banker trojan upx
- Blackmoon, KrBanker
  Blackmoon also known as KrBanker is banking trojan first discovered in early 2014.
  trojan banker blackmoon
- Detect Blackmoon payload
- UPX dump on OEP (original entry point)
- Executes dropped EXE
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

blackmoonbankertrojanupx

behavioral2

blackmoonbankertrojanupx

© 2018-2025

Terms | Privacy