blackmoon | 1157f1fc9ab4eb0590b74d336d8fa3aa572dff80afcf2a879b9b32f9b35ad070 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

1157f1fc9a...70.exe

windows7-x64

1157f1fc9a...70.exe

windows10-2004-x64

Sharing

General

Target

1157f1fc9ab4eb0590b74d336d8fa3aa572dff80afcf2a879b9b32f9b35ad070
Size

1.6MB
Sample

240911-gscaxswclr
MD5

7027bf232cb5ff7a03fc272ce8bb46a8
SHA1

7adbdf27c7b695c8c70ff29631eedb53157b9945
SHA256

1157f1fc9ab4eb0590b74d336d8fa3aa572dff80afcf2a879b9b32f9b35ad070
SHA512

dd387411f2142d5525904699de5ee57832bbd1c1d7b83c04b077289c7487c766722922c7a8686eb1a8feeacfb5ab785a5e2a0a4dafd8d28dbc78848dfb49eb05
SSDEEP

49152:7APgI7n6HSqgQ5pQKHYUZB6mfz6m+TPn881QGV:7APgI6HSqgQjx4BR88qi

Score

10^/10

blackmoon banker discovery trojan upx

Static task

static1

4 signatures

Behavioral task

behavioral1

Sample

1157f1fc9ab4eb0590b74d336d8fa3aa572dff80afcf2a879b9b32f9b35ad070.exe

Resource

win7-20240729-en

blackmoon banker discovery trojan upx

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

1157f1fc9ab4eb0590b74d336d8fa3aa572dff80afcf2a879b9b32f9b35ad070.exe

Resource

win10v2004-20240802-en

blackmoon banker discovery trojan upx

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Targets

- Target
  
  1157f1fc9ab4eb0590b74d336d8fa3aa572dff80afcf2a879b9b32f9b35ad070
- Size
  
  1.6MB
- MD5
  
  7027bf232cb5ff7a03fc272ce8bb46a8
- SHA1
  
  7adbdf27c7b695c8c70ff29631eedb53157b9945
- SHA256
  
  1157f1fc9ab4eb0590b74d336d8fa3aa572dff80afcf2a879b9b32f9b35ad070
- SHA512
  
  dd387411f2142d5525904699de5ee57832bbd1c1d7b83c04b077289c7487c766722922c7a8686eb1a8feeacfb5ab785a5e2a0a4dafd8d28dbc78848dfb49eb05
- SSDEEP
  
  49152:7APgI7n6HSqgQ5pQKHYUZB6mfz6m+TPn881QGV:7APgI6HSqgQjx4BR88qi
Score

10^/10

blackmoon banker discovery trojan upx
- Blackmoon, KrBanker
  Blackmoon also known as KrBanker is banking trojan first discovered in early 2014.
  trojan banker blackmoon
- Detect Blackmoon payload
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

blackmoonbankerdiscoverytrojanupx

behavioral2

blackmoonbankerdiscoverytrojanupx

© 2018-2025

Terms | Privacy