blackmoon | e9b05d1af3c858aa6399ee61b9f41a2ea409d4275eda9c7f9aa78eec031bcae0 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

3

e9b05d1af3...e0.exe

windows7-x64

e9b05d1af3...e0.exe

windows10-2004-x64

Sharing

General

Target

e9b05d1af3c858aa6399ee61b9f41a2ea409d4275eda9c7f9aa78eec031bcae0
Size

308KB
Sample

240616-ejwxvsserm
MD5

17a51fa72d5a9e3b466eeec37c5a706b
SHA1

7527223c1349ca49bc75e1996cb6436504a5bb33
SHA256

e9b05d1af3c858aa6399ee61b9f41a2ea409d4275eda9c7f9aa78eec031bcae0
SHA512

e306c5f83cda0d65b0fc83d329b34462585763f470185d9314e1c2b0c6617586b969798559581875901bde3e2c6c13f01cc53d50a4ce0352ccd5ab3afd1d9b3a
SSDEEP

3072:ymb3NkkiQ3mdBjFo7LAIRUohDLS0k+sLiiBVS0ILlMcGGW7sRCl9eMw:n3C9BRo/AIuunS3+sOiBVSXxMxTsm9ep

Score

10^/10

blackmoon banker trojan upx

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

e9b05d1af3c858aa6399ee61b9f41a2ea409d4275eda9c7f9aa78eec031bcae0.exe

Resource

win7-20240611-en

blackmoon banker trojan upx

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

e9b05d1af3c858aa6399ee61b9f41a2ea409d4275eda9c7f9aa78eec031bcae0.exe

Resource

win10v2004-20240226-en

blackmoon banker trojan upx

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Targets

- Target
  
  e9b05d1af3c858aa6399ee61b9f41a2ea409d4275eda9c7f9aa78eec031bcae0
- Size
  
  308KB
- MD5
  
  17a51fa72d5a9e3b466eeec37c5a706b
- SHA1
  
  7527223c1349ca49bc75e1996cb6436504a5bb33
- SHA256
  
  e9b05d1af3c858aa6399ee61b9f41a2ea409d4275eda9c7f9aa78eec031bcae0
- SHA512
  
  e306c5f83cda0d65b0fc83d329b34462585763f470185d9314e1c2b0c6617586b969798559581875901bde3e2c6c13f01cc53d50a4ce0352ccd5ab3afd1d9b3a
- SSDEEP
  
  3072:ymb3NkkiQ3mdBjFo7LAIRUohDLS0k+sLiiBVS0ILlMcGGW7sRCl9eMw:n3C9BRo/AIuunS3+sOiBVSXxMxTsm9ep
Score

10^/10

blackmoon banker trojan upx
- Blackmoon, KrBanker
  Blackmoon also known as KrBanker is banking trojan first discovered in early 2014.
  trojan banker blackmoon
- Detect Blackmoon payload
- UPX dump on OEP (original entry point)
- Executes dropped EXE
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

blackmoonbankertrojanupx

behavioral2

blackmoonbankertrojanupx

© 2018-2025

Terms | Privacy