blackmoon | 4158d28b77ac3dfaf8df3a16b39ccb9519deebb74b2dfcfcf440d144acd5b1d0 | Triage

Submit
Reports

Overview

overview

Static

static

3

4158d28b77...d0.exe

windows7-x64

4158d28b77...d0.exe

windows10-2004-x64

Sharing

General

Target

4158d28b77ac3dfaf8df3a16b39ccb9519deebb74b2dfcfcf440d144acd5b1d0
Size

326KB
Sample

240823-y8rtzsxanq
MD5

b62c917dd134003a3a9523c3ccea2b76
SHA1

a4026f63bc6d1be94dc4bb38a004236833dd09ff
SHA256

4158d28b77ac3dfaf8df3a16b39ccb9519deebb74b2dfcfcf440d144acd5b1d0
SHA512

8847711a9effa8a79ea349db21a2f9e3f83de92718ded09a0f049a77f3a9e494daf4efebe68f5e2ea03f9d34fc6b5bf32af8543bf7d51b0a8ff6b0b7870ba90d
SSDEEP

3072:ymb3NkkiQ3mdBjFo73tvn+Yp99zm+/KZBHqnuOeHzmB600TUA6Z7zupoT:n3C9BRo7tvnJ99T/KZEuOod00Tq

Score

10^/10

blackmoon banker discovery trojan upx

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

4158d28b77ac3dfaf8df3a16b39ccb9519deebb74b2dfcfcf440d144acd5b1d0.exe

Resource

win7-20240704-en

blackmoon banker discovery trojan upx

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

4158d28b77ac3dfaf8df3a16b39ccb9519deebb74b2dfcfcf440d144acd5b1d0.exe

Resource

win10v2004-20240802-en

blackmoon banker discovery trojan upx

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Targets

- Target
  
  4158d28b77ac3dfaf8df3a16b39ccb9519deebb74b2dfcfcf440d144acd5b1d0
- Size
  
  326KB
- MD5
  
  b62c917dd134003a3a9523c3ccea2b76
- SHA1
  
  a4026f63bc6d1be94dc4bb38a004236833dd09ff
- SHA256
  
  4158d28b77ac3dfaf8df3a16b39ccb9519deebb74b2dfcfcf440d144acd5b1d0
- SHA512
  
  8847711a9effa8a79ea349db21a2f9e3f83de92718ded09a0f049a77f3a9e494daf4efebe68f5e2ea03f9d34fc6b5bf32af8543bf7d51b0a8ff6b0b7870ba90d
- SSDEEP
  
  3072:ymb3NkkiQ3mdBjFo73tvn+Yp99zm+/KZBHqnuOeHzmB600TUA6Z7zupoT:n3C9BRo7tvnJ99T/KZEuOod00Tq
Score

10^/10

blackmoon banker discovery trojan upx
- Blackmoon, KrBanker
  Blackmoon also known as KrBanker is banking trojan first discovered in early 2014.
  trojan banker blackmoon
- Detect Blackmoon payload
- Executes dropped EXE
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

blackmoonbankerdiscoverytrojanupx

behavioral2

blackmoonbankerdiscoverytrojanupx

© 2018-2025

Terms | Privacy