blackmoon | b807c789883ffd0a0b220b4bf214423f33c22d558ce2275b617cdbc8d7af4e58 | Triage

Submit
Reports

Overview

overview

Static

static

2024-06-11...ia.exe

windows7-x64

2024-06-11...ia.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

Target

2024-06-11_3bab718d577a60b66fcf421437a24186_mafia
Size

1.3MB
Sample

240611-fbr5davgmq
MD5

3bab718d577a60b66fcf421437a24186
SHA1

1ade733cd947eda964a4bf6e10f398713bc321cf
SHA256

b807c789883ffd0a0b220b4bf214423f33c22d558ce2275b617cdbc8d7af4e58
SHA512

dacfe01e7c67dcc6244b0600fafac5bbc9dca7ab5b0491d9735637214f0163941e57d39da2eae8106e170d934882f0c01a32ec8745605c2eeafbfc3e9f93d03d
SSDEEP

24576:R1UGLrmwPVsjEkazzCm8pslRI4/iK6LfGJErGCkfp0sUPYud9mj1uRyRsGyz:Ru2jkaqm8pwOOiMeGPfp0sUPYu7UQq

Score

10^/10

blackmoon banker trojan upx

Static task

static1

4 signatures

Behavioral task

behavioral1

Sample

2024-06-11_3bab718d577a60b66fcf421437a24186_mafia.exe

Resource

win7-20240419-en

blackmoon banker trojan upx

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

2024-06-11_3bab718d577a60b66fcf421437a24186_mafia.exe

Resource

win10v2004-20240508-en

blackmoon banker trojan upx

windows10-2004-x64

8 signatures

150 seconds

Malware Config

Targets

- Target
  
  2024-06-11_3bab718d577a60b66fcf421437a24186_mafia
- Size
  
  1.3MB
- MD5
  
  3bab718d577a60b66fcf421437a24186
- SHA1
  
  1ade733cd947eda964a4bf6e10f398713bc321cf
- SHA256
  
  b807c789883ffd0a0b220b4bf214423f33c22d558ce2275b617cdbc8d7af4e58
- SHA512
  
  dacfe01e7c67dcc6244b0600fafac5bbc9dca7ab5b0491d9735637214f0163941e57d39da2eae8106e170d934882f0c01a32ec8745605c2eeafbfc3e9f93d03d
- SSDEEP
  
  24576:R1UGLrmwPVsjEkazzCm8pslRI4/iK6LfGJErGCkfp0sUPYud9mj1uRyRsGyz:Ru2jkaqm8pwOOiMeGPfp0sUPYu7UQq
Score

10^/10

blackmoon banker trojan upx
- Blackmoon, KrBanker
  Blackmoon also known as KrBanker is banking trojan first discovered in early 2014.
  trojan banker blackmoon
- Detect Blackmoon payload
- UPX dump on OEP (original entry point)
- Drops startup file
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

blackmoonbankertrojanupx

behavioral2

blackmoonbankertrojanupx

© 2018-2025

Terms | Privacy