blackmoon | b0ae3cd0ab2497282cc17a2d386775e827510bf6dc257d773d08afdd100c7690 | Triage

Submit
Reports

Overview

overview

Static

static

7

b0ae3cd0ab...90.exe

windows7-x64

7

b0ae3cd0ab...90.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

Target

b0ae3cd0ab2497282cc17a2d386775e827510bf6dc257d773d08afdd100c7690
Size

13.2MB
Sample

240625-lgx6gavcpp
MD5

b6e081ba084c6b4cc7840554729e9c84
SHA1

699f38e2a7503242d1329726fb9133e196d8bec4
SHA256

b0ae3cd0ab2497282cc17a2d386775e827510bf6dc257d773d08afdd100c7690
SHA512

8a42b7ffd3c75273eff9172a1b149cb6988883948bd71a0f11e53d45c3f5f841cdaf4fffae28cbe761c24214114d1b4924e0bcc28b37ca2c7a5521885d4377fe
SSDEEP

196608:W2TEKrPk/nY2L73dUXnEK9KW9J/Rn8ZbEvtmImY0jjhyq0ShCoWJSB:Pz2pX32Xn7kW93CuNr0HysgM

Score

10^/10

blackmoon banker trojan upx vmprotect

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

b0ae3cd0ab2497282cc17a2d386775e827510bf6dc257d773d08afdd100c7690.exe

Resource

win7-20240508-en

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

b0ae3cd0ab2497282cc17a2d386775e827510bf6dc257d773d08afdd100c7690.exe

Resource

win10v2004-20240611-en

blackmoon banker trojan upx vmprotect

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Targets

- Target
  
  b0ae3cd0ab2497282cc17a2d386775e827510bf6dc257d773d08afdd100c7690
- Size
  
  13.2MB
- MD5
  
  b6e081ba084c6b4cc7840554729e9c84
- SHA1
  
  699f38e2a7503242d1329726fb9133e196d8bec4
- SHA256
  
  b0ae3cd0ab2497282cc17a2d386775e827510bf6dc257d773d08afdd100c7690
- SHA512
  
  8a42b7ffd3c75273eff9172a1b149cb6988883948bd71a0f11e53d45c3f5f841cdaf4fffae28cbe761c24214114d1b4924e0bcc28b37ca2c7a5521885d4377fe
- SSDEEP
  
  196608:W2TEKrPk/nY2L73dUXnEK9KW9J/Rn8ZbEvtmImY0jjhyq0ShCoWJSB:Pz2pX32Xn7kW93CuNr0HysgM
Score

10^/10

vmprotect blackmoon banker trojan upx
- Blackmoon, KrBanker
  Blackmoon also known as KrBanker is banking trojan first discovered in early 2014.
  trojan banker blackmoon
- Detect Blackmoon payload
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- VMProtect packed file
  Detects executables packed with VMProtect commercial packer.
  vmprotect
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

blackmoonbankertrojanupxvmprotect

© 2018-2025

Terms | Privacy