blackmoon | 95bda3688357336465a824f8427407ab89ba98a2d2f3b3c345ef906ddde26c53 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

3

0400434332...18.exe

windows7-x64

0400434332...18.exe

windows10-2004-x64

Sharing

General

Target

0400434332731d9eb14c563f4288e399_JaffaCakes118
Size

189KB
Sample

240728-a41dkaxhjq
MD5

0400434332731d9eb14c563f4288e399
SHA1

106403e076374d84dc3755e1d111f6b7cd93a3fd
SHA256

95bda3688357336465a824f8427407ab89ba98a2d2f3b3c345ef906ddde26c53
SHA512

68e90b5d253d2d6fdc73ba35b3bec98d2d7eb82f57c4f55586fc5b44bc3eb42d2be6dc74fb5cbd668683ad3e6d72af53fade4756d68bd68a8061c5ccabd76722
SSDEEP

1536:EvQBeOGtrYSSsrc93UBIfdC67m6AJiqjt3ufT/FRxZOYoOrk4J:EhOm2sI93UufdC67ciyt3ujFf7oOrZ

Score

10^/10

blackmoon banker discovery trojan upx

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

0400434332731d9eb14c563f4288e399_JaffaCakes118.exe

Resource

win7-20240729-en

blackmoon banker discovery trojan upx

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

0400434332731d9eb14c563f4288e399_JaffaCakes118.exe

Resource

win10v2004-20240729-en

blackmoon banker discovery trojan upx

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Targets

- Target
  
  0400434332731d9eb14c563f4288e399_JaffaCakes118
- Size
  
  189KB
- MD5
  
  0400434332731d9eb14c563f4288e399
- SHA1
  
  106403e076374d84dc3755e1d111f6b7cd93a3fd
- SHA256
  
  95bda3688357336465a824f8427407ab89ba98a2d2f3b3c345ef906ddde26c53
- SHA512
  
  68e90b5d253d2d6fdc73ba35b3bec98d2d7eb82f57c4f55586fc5b44bc3eb42d2be6dc74fb5cbd668683ad3e6d72af53fade4756d68bd68a8061c5ccabd76722
- SSDEEP
  
  1536:EvQBeOGtrYSSsrc93UBIfdC67m6AJiqjt3ufT/FRxZOYoOrk4J:EhOm2sI93UufdC67ciyt3ujFf7oOrZ
Score

10^/10

blackmoon banker discovery trojan upx
- Blackmoon, KrBanker
  Blackmoon also known as KrBanker is banking trojan first discovered in early 2014.
  trojan banker blackmoon
- Detect Blackmoon payload
- Executes dropped EXE
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

blackmoonbankerdiscoverytrojanupx

behavioral2

blackmoonbankerdiscoverytrojanupx

© 2018-2025

Terms | Privacy