blackmoon | 295eea87c576ceaa0327eb318b28e40b1e2a6a2e436b3437778cc2cd399e218f | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

3

295eea87c5...8f.exe

windows7-x64

295eea87c5...8f.exe

windows10-2004-x64

Sharing

General

Target

295eea87c576ceaa0327eb318b28e40b1e2a6a2e436b3437778cc2cd399e218f
Size

63KB
Sample

240610-fjqxaada58
MD5

fd6e65a4a44a135befdf31e3e6c8645b
SHA1

6135ec50702dfa21e42d229935a18b8134d48fe9
SHA256

295eea87c576ceaa0327eb318b28e40b1e2a6a2e436b3437778cc2cd399e218f
SHA512

f59d9a66d6b74a03743e1fd29f356e683371453d2ca8a732ef91196505dec1f5ba676f3d09b413d7475484d6f11bd15c0fc58931e3a3559b06c2e66e7ff0f223
SSDEEP

1536:9Q8hoOAesfYvcyjfS3H9yl8Q1pmdBcxedLxNDIFdJULh12A:ymb3NkkiQ3mdBjFIFdJmj

Score

10^/10

blackmoon banker trojan upx

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

295eea87c576ceaa0327eb318b28e40b1e2a6a2e436b3437778cc2cd399e218f.exe

Resource

win7-20240220-en

blackmoon banker trojan upx

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

295eea87c576ceaa0327eb318b28e40b1e2a6a2e436b3437778cc2cd399e218f.exe

Resource

win10v2004-20240426-en

blackmoon banker trojan upx

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Targets

- Target
  
  295eea87c576ceaa0327eb318b28e40b1e2a6a2e436b3437778cc2cd399e218f
- Size
  
  63KB
- MD5
  
  fd6e65a4a44a135befdf31e3e6c8645b
- SHA1
  
  6135ec50702dfa21e42d229935a18b8134d48fe9
- SHA256
  
  295eea87c576ceaa0327eb318b28e40b1e2a6a2e436b3437778cc2cd399e218f
- SHA512
  
  f59d9a66d6b74a03743e1fd29f356e683371453d2ca8a732ef91196505dec1f5ba676f3d09b413d7475484d6f11bd15c0fc58931e3a3559b06c2e66e7ff0f223
- SSDEEP
  
  1536:9Q8hoOAesfYvcyjfS3H9yl8Q1pmdBcxedLxNDIFdJULh12A:ymb3NkkiQ3mdBjFIFdJmj
Score

10^/10

blackmoon banker trojan upx
- Blackmoon, KrBanker
  Blackmoon also known as KrBanker is banking trojan first discovered in early 2014.
  trojan banker blackmoon
- Detect Blackmoon payload
- UPX dump on OEP (original entry point)
- Executes dropped EXE
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

blackmoonbankertrojanupx

behavioral2

blackmoonbankertrojanupx

© 2018-2025

Terms | Privacy