blackmoon | 28228891d8eb2a1ec3dea8d88cf421c2fff8c13b21ab39e14bd7cc7ef05ca53a | Triage

Submit
Reports

Overview

overview

Static

static

3

28228891d8...3a.exe

windows7-x64

28228891d8...3a.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

Target

28228891d8eb2a1ec3dea8d88cf421c2fff8c13b21ab39e14bd7cc7ef05ca53a
Size

60KB
Sample

240912-ze29asterb
MD5

786fe745789a5cd2547aaf2f28236001
SHA1

85fb41bb07d9890c0571841a71a817a19d0c05c2
SHA256

28228891d8eb2a1ec3dea8d88cf421c2fff8c13b21ab39e14bd7cc7ef05ca53a
SHA512

a77c0f8eaa18119bbdfac00a40b052b656729856834219725b5b226a67c8a351e4344983f7287bbc937835f8821f315fcdb19d0bb9fd5f94438b3babf8968e50
SSDEEP

1536:9Q8hoOAesfYvcyjfS3H9yl8Q1pmdBcxedLxNDIsP34i4cG:ymb3NkkiQ3mdBjFIsP/4L

Score

10^/10

blackmoon banker discovery trojan upx

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

28228891d8eb2a1ec3dea8d88cf421c2fff8c13b21ab39e14bd7cc7ef05ca53a.exe

Resource

win7-20240903-en

blackmoon banker discovery trojan upx

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

28228891d8eb2a1ec3dea8d88cf421c2fff8c13b21ab39e14bd7cc7ef05ca53a.exe

Resource

win10v2004-20240802-en

blackmoon banker discovery trojan upx

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Targets

- Target
  
  28228891d8eb2a1ec3dea8d88cf421c2fff8c13b21ab39e14bd7cc7ef05ca53a
- Size
  
  60KB
- MD5
  
  786fe745789a5cd2547aaf2f28236001
- SHA1
  
  85fb41bb07d9890c0571841a71a817a19d0c05c2
- SHA256
  
  28228891d8eb2a1ec3dea8d88cf421c2fff8c13b21ab39e14bd7cc7ef05ca53a
- SHA512
  
  a77c0f8eaa18119bbdfac00a40b052b656729856834219725b5b226a67c8a351e4344983f7287bbc937835f8821f315fcdb19d0bb9fd5f94438b3babf8968e50
- SSDEEP
  
  1536:9Q8hoOAesfYvcyjfS3H9yl8Q1pmdBcxedLxNDIsP34i4cG:ymb3NkkiQ3mdBjFIsP/4L
Score

10^/10

blackmoon banker discovery trojan upx
- Blackmoon, KrBanker
  Blackmoon also known as KrBanker is banking trojan first discovered in early 2014.
  trojan banker blackmoon
- Detect Blackmoon payload
- Executes dropped EXE
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

blackmoonbankerdiscoverytrojanupx

behavioral2

blackmoonbankerdiscoverytrojanupx

© 2018-2025

Terms | Privacy