blackmoon | 0f69373643b345c714492d31904e72a0e3cfb052fa4ae1f8718369d44e1e0ef4 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

3

0f69373643...4N.exe

windows7-x64

0f69373643...4N.exe

windows10-2004-x64

Sharing

General

Target

0f69373643b345c714492d31904e72a0e3cfb052fa4ae1f8718369d44e1e0ef4N
Size

332KB
Sample

241003-hpwqtstfld
MD5

2aeeefeadf5037a74f1c550df65c73d0
SHA1

d9e3d971c406b56a538a79aac5acdc56ebf8b167
SHA256

0f69373643b345c714492d31904e72a0e3cfb052fa4ae1f8718369d44e1e0ef4
SHA512

7fef9665fa3a3070f37fcead438ad08ee4793c35a5bf2b94750d512e9f9f75cbf5af7240cb8746ffb486cf67ead461fa9fef69d8f4d5c00fd15aee4e01aaeda5
SSDEEP

6144:3cm7ImGddXsJdJIjaRleL42bL37BoTPkhu9gX5yGsTshQc8R0nxA5ij8+RC7tPhQ:F7Tc8JdSjylh2b77BoTMA9gX59sTsuTg

Score

10^/10

blackmoon banker discovery trojan upx

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

0f69373643b345c714492d31904e72a0e3cfb052fa4ae1f8718369d44e1e0ef4N.exe

Resource

win7-20240903-en

blackmoon banker discovery trojan upx

windows7-x64

6 signatures

120 seconds

Behavioral task

behavioral2

Sample

0f69373643b345c714492d31904e72a0e3cfb052fa4ae1f8718369d44e1e0ef4N.exe

Resource

win10v2004-20240802-en

blackmoon banker discovery trojan upx

windows10-2004-x64

6 signatures

120 seconds

Malware Config

Targets

- Target
  
  0f69373643b345c714492d31904e72a0e3cfb052fa4ae1f8718369d44e1e0ef4N
- Size
  
  332KB
- MD5
  
  2aeeefeadf5037a74f1c550df65c73d0
- SHA1
  
  d9e3d971c406b56a538a79aac5acdc56ebf8b167
- SHA256
  
  0f69373643b345c714492d31904e72a0e3cfb052fa4ae1f8718369d44e1e0ef4
- SHA512
  
  7fef9665fa3a3070f37fcead438ad08ee4793c35a5bf2b94750d512e9f9f75cbf5af7240cb8746ffb486cf67ead461fa9fef69d8f4d5c00fd15aee4e01aaeda5
- SSDEEP
  
  6144:3cm7ImGddXsJdJIjaRleL42bL37BoTPkhu9gX5yGsTshQc8R0nxA5ij8+RC7tPhQ:F7Tc8JdSjylh2b77BoTMA9gX59sTsuTg
Score

10^/10

blackmoon banker discovery trojan upx
- Blackmoon, KrBanker
  Blackmoon also known as KrBanker is banking trojan first discovered in early 2014.
  trojan banker blackmoon
- Detect Blackmoon payload
- Executes dropped EXE
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

blackmoonbankerdiscoverytrojanupx

behavioral2

blackmoonbankerdiscoverytrojanupx

© 2018-2025

Terms | Privacy

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.