blackmoon | 2f34bf410c832b7e6edd1e20a26bb22ecfbc1ff7b3d81a736eb086b3232cf6ab | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

7

2f34bf410c...ab.exe

windows7-x64

2f34bf410c...ab.exe

windows10-2004-x64

Sharing

General

Target

2f34bf410c832b7e6edd1e20a26bb22ecfbc1ff7b3d81a736eb086b3232cf6ab
Size

119KB
Sample

240723-y1cp4awcmq
MD5

dac5536ad06f6bc26aa4073d1a40881f
SHA1

5fc0bae656e3f22f6eaa596fc2d7baabddd40ee3
SHA256

2f34bf410c832b7e6edd1e20a26bb22ecfbc1ff7b3d81a736eb086b3232cf6ab
SHA512

e66e31b2d188e7bd1530b98dc41e6cc91641b2bc7d7f02b8f185a9cefa2f4d19d81e326776da67236e99d782be2e538bfe8d6fadd2bc4a79fde4faaa5561fcc7
SSDEEP

3072:khOmTsF93UYfwC6GIoutpYcvrqrE66kropO6BWlPFH48h:kcm4FmowdHoSphraHcpOFltH42

Score

10^/10

blackmoon banker discovery trojan upx

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

2f34bf410c832b7e6edd1e20a26bb22ecfbc1ff7b3d81a736eb086b3232cf6ab.exe

Resource

win7-20240708-en

blackmoon banker discovery trojan upx

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

2f34bf410c832b7e6edd1e20a26bb22ecfbc1ff7b3d81a736eb086b3232cf6ab.exe

Resource

win10v2004-20240709-en

blackmoon banker discovery trojan upx

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Targets

- Target
  
  2f34bf410c832b7e6edd1e20a26bb22ecfbc1ff7b3d81a736eb086b3232cf6ab
- Size
  
  119KB
- MD5
  
  dac5536ad06f6bc26aa4073d1a40881f
- SHA1
  
  5fc0bae656e3f22f6eaa596fc2d7baabddd40ee3
- SHA256
  
  2f34bf410c832b7e6edd1e20a26bb22ecfbc1ff7b3d81a736eb086b3232cf6ab
- SHA512
  
  e66e31b2d188e7bd1530b98dc41e6cc91641b2bc7d7f02b8f185a9cefa2f4d19d81e326776da67236e99d782be2e538bfe8d6fadd2bc4a79fde4faaa5561fcc7
- SSDEEP
  
  3072:khOmTsF93UYfwC6GIoutpYcvrqrE66kropO6BWlPFH48h:kcm4FmowdHoSphraHcpOFltH42
Score

10^/10

blackmoon banker discovery trojan upx
- Blackmoon, KrBanker
  Blackmoon also known as KrBanker is banking trojan first discovered in early 2014.
  trojan banker blackmoon
- Detect Blackmoon payload
- Executes dropped EXE
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

blackmoonbankerdiscoverytrojanupx

behavioral2

blackmoonbankerdiscoverytrojanupx

© 2018-2025

Terms | Privacy