blackmoon | a5cbb2dda57e600efb6df4a87c087e7fc941f5e0560543ce39faca0a8dd14b57 | Triage

Submit
Reports

Overview

overview

Static

static

a5cbb2dda5...57.exe

windows7-x64

a5cbb2dda5...57.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

Target

a5cbb2dda57e600efb6df4a87c087e7fc941f5e0560543ce39faca0a8dd14b57
Size

350KB
Sample

240420-bfle6scc53
MD5

217b55223091d6d80bfc8f81fddcaba7
SHA1

2cc93e5688b447827c56965b8ce87ec3e94a850c
SHA256

a5cbb2dda57e600efb6df4a87c087e7fc941f5e0560543ce39faca0a8dd14b57
SHA512

9e90e657b189fa2384d1662acc5d8e0dec8fde55b4b99f34055d170ed6eeb2d0a98259307ca8aee68a22fd557bf7a5ff718cb9a6fd9b75e92dab31bc13e00b1b
SSDEEP

6144:dcm4FmowdHoSNjAszBd+aQz0ZUx2w/ZmTH1R5h2VaHjmVQh5W6z0OJ0HPopxyzum:f4wFHoSN1zBjAGUx2w/q1R5h2VumVQh0

Score

10^/10

blackmoon banker trojan upx

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

a5cbb2dda57e600efb6df4a87c087e7fc941f5e0560543ce39faca0a8dd14b57.exe

Resource

win7-20231129-en

blackmoon banker trojan upx

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral2

Sample

a5cbb2dda57e600efb6df4a87c087e7fc941f5e0560543ce39faca0a8dd14b57.exe

Resource

win10v2004-20240412-en

blackmoon banker trojan upx

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Targets

- Target
  
  a5cbb2dda57e600efb6df4a87c087e7fc941f5e0560543ce39faca0a8dd14b57
- Size
  
  350KB
- MD5
  
  217b55223091d6d80bfc8f81fddcaba7
- SHA1
  
  2cc93e5688b447827c56965b8ce87ec3e94a850c
- SHA256
  
  a5cbb2dda57e600efb6df4a87c087e7fc941f5e0560543ce39faca0a8dd14b57
- SHA512
  
  9e90e657b189fa2384d1662acc5d8e0dec8fde55b4b99f34055d170ed6eeb2d0a98259307ca8aee68a22fd557bf7a5ff718cb9a6fd9b75e92dab31bc13e00b1b
- SSDEEP
  
  6144:dcm4FmowdHoSNjAszBd+aQz0ZUx2w/ZmTH1R5h2VaHjmVQh5W6z0OJ0HPopxyzum:f4wFHoSN1zBjAGUx2w/q1R5h2VumVQh0
Score

10^/10

blackmoon banker trojan upx
- Blackmoon, KrBanker
  Blackmoon also known as KrBanker is banking trojan first discovered in early 2014.
  trojan banker blackmoon
- Detect Blackmoon payload
- UPX dump on OEP (original entry point)
- Executes dropped EXE
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

blackmoonbankertrojanupx

behavioral2

blackmoonbankertrojanupx

© 2018-2025

Terms | Privacy