blackmoon | 05645442132cb14ff2f64e0b0f2a740f2b07505949961eb96423c6564c5dc264 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

3

0564544213...64.exe

windows7-x64

0564544213...64.exe

windows10-2004-x64

Sharing

General

Target

05645442132cb14ff2f64e0b0f2a740f2b07505949961eb96423c6564c5dc264
Size

76KB
Sample

240524-wyarlseh35
MD5

287414622bb8b4193a47085f7537410a
SHA1

48684dfe3568f87669d3265f1e7bdf9b70decf18
SHA256

05645442132cb14ff2f64e0b0f2a740f2b07505949961eb96423c6564c5dc264
SHA512

9ac31e4c1738568255b56403c2f716e8617faf8ffc4f9ba9134d8d72eb614c9ab0768be1b7bfd9d5bf602a8623b7025804fec12cea751220a3ccb5d449064139
SSDEEP

1536:9Q8hoOAesfYvcyjfS3H9yl8Q1pmdBcxedLxNDoAX8gu3Gno9yvrjKI:ymb3NkkiQ3mdBjFo68t3Gno9Ij

Score

10^/10

blackmoon banker trojan upx

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

05645442132cb14ff2f64e0b0f2a740f2b07505949961eb96423c6564c5dc264.exe

Resource

win7-20240508-en

blackmoon banker trojan upx

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

05645442132cb14ff2f64e0b0f2a740f2b07505949961eb96423c6564c5dc264.exe

Resource

win10v2004-20240426-en

blackmoon banker trojan upx

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Targets

- Target
  
  05645442132cb14ff2f64e0b0f2a740f2b07505949961eb96423c6564c5dc264
- Size
  
  76KB
- MD5
  
  287414622bb8b4193a47085f7537410a
- SHA1
  
  48684dfe3568f87669d3265f1e7bdf9b70decf18
- SHA256
  
  05645442132cb14ff2f64e0b0f2a740f2b07505949961eb96423c6564c5dc264
- SHA512
  
  9ac31e4c1738568255b56403c2f716e8617faf8ffc4f9ba9134d8d72eb614c9ab0768be1b7bfd9d5bf602a8623b7025804fec12cea751220a3ccb5d449064139
- SSDEEP
  
  1536:9Q8hoOAesfYvcyjfS3H9yl8Q1pmdBcxedLxNDoAX8gu3Gno9yvrjKI:ymb3NkkiQ3mdBjFo68t3Gno9Ij
Score

10^/10

blackmoon banker trojan upx
- Blackmoon, KrBanker
  Blackmoon also known as KrBanker is banking trojan first discovered in early 2014.
  trojan banker blackmoon
- Detect Blackmoon payload
- UPX dump on OEP (original entry point)
- Executes dropped EXE
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

blackmoonbankertrojanupx

behavioral2

blackmoonbankertrojanupx

© 2018-2025

Terms | Privacy

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.