blackmoon | 0edeb5384648f6859229df4e7a733f9ae7f214f6914535e3e6506a629f7d4198 | Triage

Submit
Reports

Overview

overview

Static

static

9a404626f9...0N.exe

windows7-x64

9a404626f9...0N.exe

windows10-2004-x64

Sharing

General

Target

9a404626f99480ace5f0299122968e40N.exe
Size

437KB
Sample

240822-2dgbjstbrm
MD5

9a404626f99480ace5f0299122968e40
SHA1

2b65e39bcd69c7982c44e1c0d40a4528b34c648e
SHA256

0edeb5384648f6859229df4e7a733f9ae7f214f6914535e3e6506a629f7d4198
SHA512

ce0272916981a3add6e3d73ca932eb226e11d3ac4267fdcaf918c3881b538c21c39ed07ceb6be0a45d2dc9be8b98c43481861b69de8a1ce8ece9a53848b076bb
SSDEEP

3072:q0mx45LFnq9qDAuSbAXVkQUQ9oPfz0c0uxNUIqTkHoYCDfxj4/0/yjUuMx8k7:q0m2FqgDAuSbAXKfz0c0sUIJHk40/yWf

Score

10^/10

blackmoon banker discovery trojan

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

9a404626f99480ace5f0299122968e40N.exe

Resource

win7-20240704-en

blackmoon banker discovery trojan

windows7-x64

9 signatures

120 seconds

Behavioral task

behavioral2

Sample

9a404626f99480ace5f0299122968e40N.exe

Resource

win10v2004-20240802-en

blackmoon banker discovery trojan

windows10-2004-x64

9 signatures

120 seconds

Malware Config

Targets

- Target
  
  9a404626f99480ace5f0299122968e40N.exe
- Size
  
  437KB
- MD5
  
  9a404626f99480ace5f0299122968e40
- SHA1
  
  2b65e39bcd69c7982c44e1c0d40a4528b34c648e
- SHA256
  
  0edeb5384648f6859229df4e7a733f9ae7f214f6914535e3e6506a629f7d4198
- SHA512
  
  ce0272916981a3add6e3d73ca932eb226e11d3ac4267fdcaf918c3881b538c21c39ed07ceb6be0a45d2dc9be8b98c43481861b69de8a1ce8ece9a53848b076bb
- SSDEEP
  
  3072:q0mx45LFnq9qDAuSbAXVkQUQ9oPfz0c0uxNUIqTkHoYCDfxj4/0/yjUuMx8k7:q0m2FqgDAuSbAXKfz0c0sUIJHk40/yWf
Score

10^/10

blackmoon banker discovery trojan
- Blackmoon, KrBanker
  Blackmoon also known as KrBanker is banking trojan first discovered in early 2014.
  trojan banker blackmoon
- Detect Blackmoon payload
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

blackmoonbankerdiscoverytrojan

behavioral2

blackmoonbankerdiscoverytrojan

© 2018-2025

Terms | Privacy