blackmoon | bda228926da733059fa4e78dbe7fff0581d1259a0eca44681ff87159bf2daa1e | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

3

bda228926d...eN.exe

windows7-x64

bda228926d...eN.exe

windows10-2004-x64

Sharing

General

Target

bda228926da733059fa4e78dbe7fff0581d1259a0eca44681ff87159bf2daa1eN.exe
Size

452KB
Sample

240925-mgx15szfrj
MD5

f05369c59fe38bc7e4a79c7001736800
SHA1

0f2e6e5f0e124a6169c8080e3d4cc2168cd16479
SHA256

bda228926da733059fa4e78dbe7fff0581d1259a0eca44681ff87159bf2daa1e
SHA512

f4c67d4a98b68b959aeacb01bacf7aace978abc15ccfc48b21d1144adc960963e76527c6d660a3c5e22a55531c2a1f98ddc65eb4e722220a4b2b4e9a08163612
SSDEEP

6144:8cm7ImGddXmNt251UriZFwfsDX2UznsaFVNJCMKAbeD:q7Tc2NYHUrAwfMp3CDD

Score

10^/10

blackmoon banker discovery trojan upx

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

bda228926da733059fa4e78dbe7fff0581d1259a0eca44681ff87159bf2daa1eN.exe

Resource

win7-20240903-en

blackmoon banker discovery trojan upx

windows7-x64

6 signatures

120 seconds

Behavioral task

behavioral2

Sample

bda228926da733059fa4e78dbe7fff0581d1259a0eca44681ff87159bf2daa1eN.exe

Resource

win10v2004-20240802-en

blackmoon banker discovery trojan upx

windows10-2004-x64

6 signatures

120 seconds

Malware Config

Targets

- Target
  
  bda228926da733059fa4e78dbe7fff0581d1259a0eca44681ff87159bf2daa1eN.exe
- Size
  
  452KB
- MD5
  
  f05369c59fe38bc7e4a79c7001736800
- SHA1
  
  0f2e6e5f0e124a6169c8080e3d4cc2168cd16479
- SHA256
  
  bda228926da733059fa4e78dbe7fff0581d1259a0eca44681ff87159bf2daa1e
- SHA512
  
  f4c67d4a98b68b959aeacb01bacf7aace978abc15ccfc48b21d1144adc960963e76527c6d660a3c5e22a55531c2a1f98ddc65eb4e722220a4b2b4e9a08163612
- SSDEEP
  
  6144:8cm7ImGddXmNt251UriZFwfsDX2UznsaFVNJCMKAbeD:q7Tc2NYHUrAwfMp3CDD
Score

10^/10

blackmoon banker discovery trojan upx
- Blackmoon, KrBanker
  Blackmoon also known as KrBanker is banking trojan first discovered in early 2014.
  trojan banker blackmoon
- Detect Blackmoon payload
- Executes dropped EXE
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

blackmoonbankerdiscoverytrojanupx

behavioral2

blackmoonbankerdiscoverytrojanupx

© 2018-2025

Terms | Privacy