blackmoon | e31d6025997bb78485544193c717463169b67fef14c9eb4d4a1757ae6392c610 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

3

e31d602599...10.exe

windows7-x64

e31d602599...10.exe

windows10-2004-x64

Sharing

General

Target

e31d6025997bb78485544193c717463169b67fef14c9eb4d4a1757ae6392c610
Size

69KB
Sample

240529-dyc8mahe66
MD5

0e5b4dd9bd0795cd41b88a1d343047fb
SHA1

f98a197ad2f366aa65d3c102d425189158b110cc
SHA256

e31d6025997bb78485544193c717463169b67fef14c9eb4d4a1757ae6392c610
SHA512

af7fa431ce6a7735fa7f3cb5b8dc53ef372aefede01fb282ac82f06373a5f44cd8fc0914ea96fefba53e1da33d03c46c5b1e09318d47a027a163b91b82754761
SSDEEP

1536:9Q8hoOAesfYvcyjfS3H9yl8Q1pmdBcxedLxNDIfv7+afCD+QsQbu0:ymb3NkkiQ3mdBjFIfvTfCD+HU

Score

10^/10

blackmoon banker trojan upx

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

e31d6025997bb78485544193c717463169b67fef14c9eb4d4a1757ae6392c610.exe

Resource

win7-20240221-en

blackmoon banker trojan upx

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

e31d6025997bb78485544193c717463169b67fef14c9eb4d4a1757ae6392c610.exe

Resource

win10v2004-20240426-en

blackmoon banker trojan upx

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Targets

- Target
  
  e31d6025997bb78485544193c717463169b67fef14c9eb4d4a1757ae6392c610
- Size
  
  69KB
- MD5
  
  0e5b4dd9bd0795cd41b88a1d343047fb
- SHA1
  
  f98a197ad2f366aa65d3c102d425189158b110cc
- SHA256
  
  e31d6025997bb78485544193c717463169b67fef14c9eb4d4a1757ae6392c610
- SHA512
  
  af7fa431ce6a7735fa7f3cb5b8dc53ef372aefede01fb282ac82f06373a5f44cd8fc0914ea96fefba53e1da33d03c46c5b1e09318d47a027a163b91b82754761
- SSDEEP
  
  1536:9Q8hoOAesfYvcyjfS3H9yl8Q1pmdBcxedLxNDIfv7+afCD+QsQbu0:ymb3NkkiQ3mdBjFIfvTfCD+HU
Score

10^/10

blackmoon banker trojan upx
- Blackmoon, KrBanker
  Blackmoon also known as KrBanker is banking trojan first discovered in early 2014.
  trojan banker blackmoon
- Detect Blackmoon payload
- UPX dump on OEP (original entry point)
- Executes dropped EXE
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

blackmoonbankertrojanupx

behavioral2

blackmoonbankertrojanupx

© 2018-2025

Terms | Privacy