blackmoon | 1bf73a11bdc6e268066415c16dd34acb5ea828f54c8bf1f5ee33a82dd387efe2 | Triage

Submit
Reports

Overview

overview

Static

static

3

1bf73a11bd...e2.exe

windows7-x64

1bf73a11bd...e2.exe

windows10-2004-x64

Sharing

General

Target

1bf73a11bdc6e268066415c16dd34acb5ea828f54c8bf1f5ee33a82dd387efe2
Size

493KB
Sample

240511-xx84fsdb3z
MD5

aad50f7cc69adafb11e611169038d9bd
SHA1

4c38464cd5b8fa4ebcdd60693040b8d56ff0ab24
SHA256

1bf73a11bdc6e268066415c16dd34acb5ea828f54c8bf1f5ee33a82dd387efe2
SHA512

79e41db71d040835c6c9e83b02702fc1a4083dbb993b6a700a02ded4460ed767f9d450fd73a6af7ad95b2fd90e7968e1ee1903532220980b261d59dd0660fb01
SSDEEP

6144:n3C9BRo7MlrWKo+lS0Le4xRSAoq78yoyfx93svqTbWL5wEpOQ9DRRr:n3C9yMo+S0L9xRnoq7H9QYcmeN9Dj

Score

10^/10

blackmoon banker trojan upx

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

1bf73a11bdc6e268066415c16dd34acb5ea828f54c8bf1f5ee33a82dd387efe2.exe

Resource

win7-20240419-en

blackmoon banker trojan upx

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

1bf73a11bdc6e268066415c16dd34acb5ea828f54c8bf1f5ee33a82dd387efe2.exe

Resource

win10v2004-20240508-en

blackmoon banker trojan upx

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Targets

- Target
  
  1bf73a11bdc6e268066415c16dd34acb5ea828f54c8bf1f5ee33a82dd387efe2
- Size
  
  493KB
- MD5
  
  aad50f7cc69adafb11e611169038d9bd
- SHA1
  
  4c38464cd5b8fa4ebcdd60693040b8d56ff0ab24
- SHA256
  
  1bf73a11bdc6e268066415c16dd34acb5ea828f54c8bf1f5ee33a82dd387efe2
- SHA512
  
  79e41db71d040835c6c9e83b02702fc1a4083dbb993b6a700a02ded4460ed767f9d450fd73a6af7ad95b2fd90e7968e1ee1903532220980b261d59dd0660fb01
- SSDEEP
  
  6144:n3C9BRo7MlrWKo+lS0Le4xRSAoq78yoyfx93svqTbWL5wEpOQ9DRRr:n3C9yMo+S0L9xRnoq7H9QYcmeN9Dj
Score

10^/10

blackmoon banker trojan upx
- Blackmoon, KrBanker
  Blackmoon also known as KrBanker is banking trojan first discovered in early 2014.
  trojan banker blackmoon
- Detect Blackmoon payload
- UPX dump on OEP (original entry point)
- Executes dropped EXE
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

blackmoonbankertrojanupx

behavioral2

blackmoonbankertrojanupx

© 2018-2025

Terms | Privacy