blackmoon | 1dc18af52769169af8305ff33857c0f317d7c62c78fbacb76ac5fd4d9a60416d | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

2024091379...id.exe

windows7-x64

2024091379...id.exe

windows10-2004-x64

Sharing

General

Target

20240913791aaf93b77c02e7d80b1517a534553bicedid
Size

2.5MB
Sample

240913-v3p7esyfqp
MD5

791aaf93b77c02e7d80b1517a534553b
SHA1

209ae814e06aa4cb15b4dbec2784aa205b37dd7b
SHA256

1dc18af52769169af8305ff33857c0f317d7c62c78fbacb76ac5fd4d9a60416d
SHA512

82e1bd01a95a7225285bcda8420460164e8cd7f81490f3c5e54da572822256d403314ed824fb0f74d7ad270740c018983cee9b44f09c3c64fc234b8d811baff5
SSDEEP

49152:YZ0v0xeSxURL9RxYMWWN5YUwT0YwWWN5YUwTBLe:6w0xeS47n

Score

10^/10

blackmoon banker discovery trojan

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

20240913791aaf93b77c02e7d80b1517a534553bicedid.exe

Resource

win7-20240903-en

blackmoon banker discovery trojan

windows7-x64

13 signatures

150 seconds

Behavioral task

behavioral2

Sample

20240913791aaf93b77c02e7d80b1517a534553bicedid.exe

Resource

win10v2004-20240910-en

blackmoon banker discovery trojan

windows10-2004-x64

12 signatures

150 seconds

Malware Config

Targets

- Target
  
  20240913791aaf93b77c02e7d80b1517a534553bicedid
- Size
  
  2.5MB
- MD5
  
  791aaf93b77c02e7d80b1517a534553b
- SHA1
  
  209ae814e06aa4cb15b4dbec2784aa205b37dd7b
- SHA256
  
  1dc18af52769169af8305ff33857c0f317d7c62c78fbacb76ac5fd4d9a60416d
- SHA512
  
  82e1bd01a95a7225285bcda8420460164e8cd7f81490f3c5e54da572822256d403314ed824fb0f74d7ad270740c018983cee9b44f09c3c64fc234b8d811baff5
- SSDEEP
  
  49152:YZ0v0xeSxURL9RxYMWWN5YUwT0YwWWN5YUwTBLe:6w0xeS47n
Score

10^/10

blackmoon banker discovery trojan
- Blackmoon, KrBanker
  Blackmoon also known as KrBanker is banking trojan first discovered in early 2014.
  trojan banker blackmoon
- Detect Blackmoon payload
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

blackmoonbankerdiscoverytrojan

behavioral2

blackmoonbankerdiscoverytrojan

© 2018-2025

Terms | Privacy