blackmoon | 68e2a76899ef54b0a4eef7a5d02c22682e591e4e6ed9de6455ee0f16e415c7d8 | Triage

Submit
Reports

Overview

overview

Static

static

3

68e2a76899...d8.exe

windows7-x64

68e2a76899...d8.exe

windows10-2004-x64

Sharing

General

Target

68e2a76899ef54b0a4eef7a5d02c22682e591e4e6ed9de6455ee0f16e415c7d8
Size

371KB
Sample

240513-18lzvafh4v
MD5

a3a93eb00dddd577dab4802d405a6add
SHA1

44d6c97dd5f75694d790a175fe2f9251b22ce45f
SHA256

68e2a76899ef54b0a4eef7a5d02c22682e591e4e6ed9de6455ee0f16e415c7d8
SHA512

5f19f17ddea1ca824f64d61ed56c139c342290153252e73001359ca7fd3a00839adc528f7ed515c8fa34fe5e7669b8c3109055b9731490a589febaf86ff13f31
SSDEEP

6144:n3C9BRIG0asYFm71mJl3/X8mak5gNv9rC8IwLaYNUvtTxTKMMA:n3C9uYA7i3/stR9HGYyvtTxTKMt

Score

10^/10

blackmoon banker trojan upx

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

68e2a76899ef54b0a4eef7a5d02c22682e591e4e6ed9de6455ee0f16e415c7d8.exe

Resource

win7-20240221-en

blackmoon banker trojan upx

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

68e2a76899ef54b0a4eef7a5d02c22682e591e4e6ed9de6455ee0f16e415c7d8.exe

Resource

win10v2004-20240426-en

blackmoon banker trojan upx

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Targets

- Target
  
  68e2a76899ef54b0a4eef7a5d02c22682e591e4e6ed9de6455ee0f16e415c7d8
- Size
  
  371KB
- MD5
  
  a3a93eb00dddd577dab4802d405a6add
- SHA1
  
  44d6c97dd5f75694d790a175fe2f9251b22ce45f
- SHA256
  
  68e2a76899ef54b0a4eef7a5d02c22682e591e4e6ed9de6455ee0f16e415c7d8
- SHA512
  
  5f19f17ddea1ca824f64d61ed56c139c342290153252e73001359ca7fd3a00839adc528f7ed515c8fa34fe5e7669b8c3109055b9731490a589febaf86ff13f31
- SSDEEP
  
  6144:n3C9BRIG0asYFm71mJl3/X8mak5gNv9rC8IwLaYNUvtTxTKMMA:n3C9uYA7i3/stR9HGYyvtTxTKMt
Score

10^/10

blackmoon banker trojan upx
- Blackmoon, KrBanker
  Blackmoon also known as KrBanker is banking trojan first discovered in early 2014.
  trojan banker blackmoon
- Detect Blackmoon payload
- UPX dump on OEP (original entry point)
- Executes dropped EXE
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

blackmoonbankertrojanupx

behavioral2

blackmoonbankertrojanupx

© 2018-2025

Terms | Privacy