blackmoon | 45bbd0fcf11d155fffaecda111fb0686cbc254480c7f46ce73ad09b9992fbeb5 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

3

45bbd0fcf1...b5.exe

windows7-x64

45bbd0fcf1...b5.exe

windows10-2004-x64

Sharing

General

Target

45bbd0fcf11d155fffaecda111fb0686cbc254480c7f46ce73ad09b9992fbeb5
Size

90KB
Sample

240605-1wp6qsac81
MD5

b589a7b0e66283bdb85b2a5e6354856e
SHA1

660a2d5c0286f1ad669c60fa81197e689e431ec6
SHA256

45bbd0fcf11d155fffaecda111fb0686cbc254480c7f46ce73ad09b9992fbeb5
SHA512

b1ee6dda13c672dde0a237f7a34a0b793c4ab796d19ec224b475b356c3be4d576caa3fade7c94a46e72d0bf743f082104f7930aae044b6e30d6610cc07a98deb
SSDEEP

1536:9Q8hoOAesfYvcyjfS3H9yl8Q1pmdBcxedLxNDIQIDyviFxx2hCtgIMLP9rBZaRBY:ymb3NkkiQ3mdBjFIVLd2hWZGreRCYBy5

Score

10^/10

blackmoon banker trojan upx

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

45bbd0fcf11d155fffaecda111fb0686cbc254480c7f46ce73ad09b9992fbeb5.exe

Resource

win7-20240221-en

blackmoon banker trojan upx

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

45bbd0fcf11d155fffaecda111fb0686cbc254480c7f46ce73ad09b9992fbeb5.exe

Resource

win10v2004-20240508-en

blackmoon banker trojan upx

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Targets

- Target
  
  45bbd0fcf11d155fffaecda111fb0686cbc254480c7f46ce73ad09b9992fbeb5
- Size
  
  90KB
- MD5
  
  b589a7b0e66283bdb85b2a5e6354856e
- SHA1
  
  660a2d5c0286f1ad669c60fa81197e689e431ec6
- SHA256
  
  45bbd0fcf11d155fffaecda111fb0686cbc254480c7f46ce73ad09b9992fbeb5
- SHA512
  
  b1ee6dda13c672dde0a237f7a34a0b793c4ab796d19ec224b475b356c3be4d576caa3fade7c94a46e72d0bf743f082104f7930aae044b6e30d6610cc07a98deb
- SSDEEP
  
  1536:9Q8hoOAesfYvcyjfS3H9yl8Q1pmdBcxedLxNDIQIDyviFxx2hCtgIMLP9rBZaRBY:ymb3NkkiQ3mdBjFIVLd2hWZGreRCYBy5
Score

10^/10

blackmoon banker trojan upx
- Blackmoon, KrBanker
  Blackmoon also known as KrBanker is banking trojan first discovered in early 2014.
  trojan banker blackmoon
- Detect Blackmoon payload
- UPX dump on OEP (original entry point)
- Executes dropped EXE
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

blackmoonbankertrojanupx

behavioral2

blackmoonbankertrojanupx

© 2018-2025

Terms | Privacy

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.