blackmoon | 6290fa989bb90fb3c9a7878439d19373b9b7f98417ceeb5ad99caf5120dfaad0 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

6290fa989b...d0.exe

windows7-x64

6290fa989b...d0.exe

windows10-2004-x64

Sharing

General

Target

6290fa989bb90fb3c9a7878439d19373b9b7f98417ceeb5ad99caf5120dfaad0
Size

1.1MB
Sample

240821-mtbzfatfqa
MD5

746424c8165cf66d58e4863e3d1ada11
SHA1

2eb0c21079a2de300adf1a25fcb0c9d182679565
SHA256

6290fa989bb90fb3c9a7878439d19373b9b7f98417ceeb5ad99caf5120dfaad0
SHA512

3a09e354b6e81e4755975729eb187b4ed07e030b0d29dd13336fb09001b5a1ccf6241dbbfffa7287505c366605a519367da199e3cd4f1697e933a069e0fc0293
SSDEEP

24576:h61nusLh9+qTNutzwxz9gJbUM1t4+N5IvSDv6Vi0bMc7UIr9Qd:AusLjUpwBiffN5DSMRcdR

Score

10^/10

blackmoon banker discovery trojan upx

Static task

static1

4 signatures

Behavioral task

behavioral1

Sample

6290fa989bb90fb3c9a7878439d19373b9b7f98417ceeb5ad99caf5120dfaad0.exe

Resource

win7-20240708-en

blackmoon banker discovery trojan upx

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral2

Sample

6290fa989bb90fb3c9a7878439d19373b9b7f98417ceeb5ad99caf5120dfaad0.exe

Resource

win10v2004-20240802-en

blackmoon banker discovery trojan upx

windows10-2004-x64

5 signatures

150 seconds

Malware Config

Targets

- Target
  
  6290fa989bb90fb3c9a7878439d19373b9b7f98417ceeb5ad99caf5120dfaad0
- Size
  
  1.1MB
- MD5
  
  746424c8165cf66d58e4863e3d1ada11
- SHA1
  
  2eb0c21079a2de300adf1a25fcb0c9d182679565
- SHA256
  
  6290fa989bb90fb3c9a7878439d19373b9b7f98417ceeb5ad99caf5120dfaad0
- SHA512
  
  3a09e354b6e81e4755975729eb187b4ed07e030b0d29dd13336fb09001b5a1ccf6241dbbfffa7287505c366605a519367da199e3cd4f1697e933a069e0fc0293
- SSDEEP
  
  24576:h61nusLh9+qTNutzwxz9gJbUM1t4+N5IvSDv6Vi0bMc7UIr9Qd:AusLjUpwBiffN5DSMRcdR
Score

10^/10

blackmoon banker discovery trojan upx
- Blackmoon, KrBanker
  Blackmoon also known as KrBanker is banking trojan first discovered in early 2014.
  trojan banker blackmoon
- Detect Blackmoon payload
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

blackmoonbankerdiscoverytrojanupx

behavioral2

blackmoonbankerdiscoverytrojanupx

© 2018-2025

Terms | Privacy