blackmoon | bbfbde3e0242c6da4dd0a6cf28fb9cd6f27f3bfb0f6fd911dc5857518f635009 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

3

bbfbde3e02...09.exe

windows7-x64

bbfbde3e02...09.exe

windows10-2004-x64

Sharing

General

Target

bbfbde3e0242c6da4dd0a6cf28fb9cd6f27f3bfb0f6fd911dc5857518f635009
Size

200KB
Sample

240516-c8zc6shb33
MD5

be02f15548abb60acdf00e452073f11b
SHA1

80e42d7ee48bfa5a58f4e69bc5a0236e7bd6cff0
SHA256

bbfbde3e0242c6da4dd0a6cf28fb9cd6f27f3bfb0f6fd911dc5857518f635009
SHA512

e66c963d2ff8335ca3b74ececfa9338c540d364c48f62040d86caf7a7b3691a4a420e7149718b9c62c8e3354b7ff5fb7ed093e29959ccecb007d824a824645ee
SSDEEP

3072:ymb3NkkiQ3mdBjFIi/0RU6QeYQsm71vPmc51+GqekBJCvr6zJBUVv1T6:n3C9BRIG0asYFm71m8+GdkB9Cv1W

Score

10^/10

blackmoon banker trojan upx

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

bbfbde3e0242c6da4dd0a6cf28fb9cd6f27f3bfb0f6fd911dc5857518f635009.exe

Resource

win7-20240220-en

blackmoon banker trojan upx

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

bbfbde3e0242c6da4dd0a6cf28fb9cd6f27f3bfb0f6fd911dc5857518f635009.exe

Resource

win10v2004-20240226-en

blackmoon banker trojan upx

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Targets

- Target
  
  bbfbde3e0242c6da4dd0a6cf28fb9cd6f27f3bfb0f6fd911dc5857518f635009
- Size
  
  200KB
- MD5
  
  be02f15548abb60acdf00e452073f11b
- SHA1
  
  80e42d7ee48bfa5a58f4e69bc5a0236e7bd6cff0
- SHA256
  
  bbfbde3e0242c6da4dd0a6cf28fb9cd6f27f3bfb0f6fd911dc5857518f635009
- SHA512
  
  e66c963d2ff8335ca3b74ececfa9338c540d364c48f62040d86caf7a7b3691a4a420e7149718b9c62c8e3354b7ff5fb7ed093e29959ccecb007d824a824645ee
- SSDEEP
  
  3072:ymb3NkkiQ3mdBjFIi/0RU6QeYQsm71vPmc51+GqekBJCvr6zJBUVv1T6:n3C9BRIG0asYFm71m8+GdkB9Cv1W
Score

10^/10

blackmoon banker trojan upx
- Blackmoon, KrBanker
  Blackmoon also known as KrBanker is banking trojan first discovered in early 2014.
  trojan banker blackmoon
- Detect Blackmoon payload
- UPX dump on OEP (original entry point)
- Executes dropped EXE
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

blackmoonbankertrojanupx

behavioral2

blackmoonbankertrojanupx

© 2018-2025

Terms | Privacy