blackmoon | 758c2c807802282b562ce8b7174709292d7cb5aee2aa13195a3080d5412b7b57 | Triage

Submit
Reports

Overview

overview

Static

static

758c2c8078...57.exe

windows7-x64

758c2c8078...57.exe

windows10-2004-x64

Sharing

General

Target

758c2c807802282b562ce8b7174709292d7cb5aee2aa13195a3080d5412b7b57
Size

560KB
Sample

240914-zhzbtavgqd
MD5

cbf54780cdd334b9caf10f4980172192
SHA1

50a2ee1b0e15b5a39f9ec7a826ccb4f98c465995
SHA256

758c2c807802282b562ce8b7174709292d7cb5aee2aa13195a3080d5412b7b57
SHA512

f7b2aedb9f3130ed976da7ca583f66fe38e3d48909055c9af309d4b12325216958f406b9afc1ee3ae71c9b60e1789e748c6f4d7262e00ac5265f65e446a53941
SSDEEP

6144:Ig3oBabKfY+R9VGLj10B7F8zekO+nZd2G4cLUh2q/+Km//v0o+:VogOfY+R9VGLj10B7F8ywZdX45H+Kmn

Score

10^/10

blackmoon banker discovery evasion trojan

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

758c2c807802282b562ce8b7174709292d7cb5aee2aa13195a3080d5412b7b57.exe

Resource

win7-20240903-en

blackmoon banker discovery evasion trojan

windows7-x64

10 signatures

150 seconds

Behavioral task

behavioral2

Sample

758c2c807802282b562ce8b7174709292d7cb5aee2aa13195a3080d5412b7b57.exe

Resource

win10v2004-20240802-en

blackmoon banker discovery evasion trojan

windows10-2004-x64

10 signatures

150 seconds

Malware Config

Targets

- Target
  
  758c2c807802282b562ce8b7174709292d7cb5aee2aa13195a3080d5412b7b57
- Size
  
  560KB
- MD5
  
  cbf54780cdd334b9caf10f4980172192
- SHA1
  
  50a2ee1b0e15b5a39f9ec7a826ccb4f98c465995
- SHA256
  
  758c2c807802282b562ce8b7174709292d7cb5aee2aa13195a3080d5412b7b57
- SHA512
  
  f7b2aedb9f3130ed976da7ca583f66fe38e3d48909055c9af309d4b12325216958f406b9afc1ee3ae71c9b60e1789e748c6f4d7262e00ac5265f65e446a53941
- SSDEEP
  
  6144:Ig3oBabKfY+R9VGLj10B7F8zekO+nZd2G4cLUh2q/+Km//v0o+:VogOfY+R9VGLj10B7F8ywZdX45H+Kmn
Score

10^/10

blackmoon banker discovery evasion trojan
- Blackmoon, KrBanker
  Blackmoon also known as KrBanker is banking trojan first discovered in early 2014.
  trojan banker blackmoon
- Detect Blackmoon payload
- Sets file to hidden
  Modifies file attributes to stop it showing in Explorer etc.
  evasion
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

blackmoonbankerdiscoveryevasiontrojan

behavioral2

blackmoonbankerdiscoveryevasiontrojan

© 2018-2025

Terms | Privacy