blackmoon | c48c0b9a500c4ee2418708fb70cf9dda5369267f0a704faf21105628d8ea9ef3 | Triage

Submit
Reports

Overview

overview

Static

static

3

c48c0b9a50...f3.exe

windows7-x64

c48c0b9a50...f3.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

Target

c48c0b9a500c4ee2418708fb70cf9dda5369267f0a704faf21105628d8ea9ef3
Size

332KB
Sample

240902-d4w8pazhnn
MD5

89e6f48bb26666b4fcb9e63f21b02f36
SHA1

f0af71e90aa9216f4af24e2b52c966e9d8866a44
SHA256

c48c0b9a500c4ee2418708fb70cf9dda5369267f0a704faf21105628d8ea9ef3
SHA512

179663cfb274fa07e67d2b50e81b7b4b8a9d06597ab710c343ee57be28cc583443e5fbafed2c1e952bce81f20a09f8faddae30dfb08d6640d27be6c36804961a
SSDEEP

6144:3cm7ImGddXsJdJIjaRleL42bL37BoTPkhu9gX5yGsTshQc8R0nxA5ij8+RC7tPhu:F7Tc8JdSjylh2b77BoTMA9gX59sTsuTe

Score

10^/10

blackmoon banker discovery trojan upx

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

c48c0b9a500c4ee2418708fb70cf9dda5369267f0a704faf21105628d8ea9ef3.exe

Resource

win7-20240708-en

blackmoon banker discovery trojan upx

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

c48c0b9a500c4ee2418708fb70cf9dda5369267f0a704faf21105628d8ea9ef3.exe

Resource

win10v2004-20240802-en

blackmoon banker discovery trojan upx

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Targets

- Target
  
  c48c0b9a500c4ee2418708fb70cf9dda5369267f0a704faf21105628d8ea9ef3
- Size
  
  332KB
- MD5
  
  89e6f48bb26666b4fcb9e63f21b02f36
- SHA1
  
  f0af71e90aa9216f4af24e2b52c966e9d8866a44
- SHA256
  
  c48c0b9a500c4ee2418708fb70cf9dda5369267f0a704faf21105628d8ea9ef3
- SHA512
  
  179663cfb274fa07e67d2b50e81b7b4b8a9d06597ab710c343ee57be28cc583443e5fbafed2c1e952bce81f20a09f8faddae30dfb08d6640d27be6c36804961a
- SSDEEP
  
  6144:3cm7ImGddXsJdJIjaRleL42bL37BoTPkhu9gX5yGsTshQc8R0nxA5ij8+RC7tPhu:F7Tc8JdSjylh2b77BoTMA9gX59sTsuTe
Score

10^/10

blackmoon banker discovery trojan upx
- Blackmoon, KrBanker
  Blackmoon also known as KrBanker is banking trojan first discovered in early 2014.
  trojan banker blackmoon
- Detect Blackmoon payload
- Executes dropped EXE
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

blackmoonbankerdiscoverytrojanupx

behavioral2

blackmoonbankerdiscoverytrojanupx

© 2018-2025

Terms | Privacy