blackmoon | 820332fbbfb62b4c7fa29895df6832959fd1df74116c323c0e324aa89d9721f7 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

3

820332fbbf...7N.exe

windows7-x64

820332fbbf...7N.exe

windows10-2004-x64

Sharing

General

Target

820332fbbfb62b4c7fa29895df6832959fd1df74116c323c0e324aa89d9721f7N
Size

65KB
Sample

241006-hce8bavbmj
MD5

35f7826585e5dac391a03cbc125178a0
SHA1

8ee4a34e43cab2f91c0213fde53a8bfc2c03ba20
SHA256

820332fbbfb62b4c7fa29895df6832959fd1df74116c323c0e324aa89d9721f7
SHA512

89fe6e2525a96a09db106e68ebb48a6ff2fc5bc64e76f3483540d24435a113d829670286f3a83df8a034016b11444ad8c085731e3eddcceb0708f12419ab9a17
SSDEEP

1536:9Q8hoOAesfYvcyjfS3H9yl8Q1pmdBcxedLxNDI9L27BqfB:ymb3NkkiQ3mdBjFI9cqfB

Score

10^/10

blackmoon banker discovery trojan upx

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

820332fbbfb62b4c7fa29895df6832959fd1df74116c323c0e324aa89d9721f7N.exe

Resource

win7-20240729-en

blackmoon banker discovery trojan upx

windows7-x64

6 signatures

120 seconds

Behavioral task

behavioral2

Sample

820332fbbfb62b4c7fa29895df6832959fd1df74116c323c0e324aa89d9721f7N.exe

Resource

win10v2004-20240802-en

blackmoon banker discovery trojan upx

windows10-2004-x64

6 signatures

120 seconds

Malware Config

Targets

- Target
  
  820332fbbfb62b4c7fa29895df6832959fd1df74116c323c0e324aa89d9721f7N
- Size
  
  65KB
- MD5
  
  35f7826585e5dac391a03cbc125178a0
- SHA1
  
  8ee4a34e43cab2f91c0213fde53a8bfc2c03ba20
- SHA256
  
  820332fbbfb62b4c7fa29895df6832959fd1df74116c323c0e324aa89d9721f7
- SHA512
  
  89fe6e2525a96a09db106e68ebb48a6ff2fc5bc64e76f3483540d24435a113d829670286f3a83df8a034016b11444ad8c085731e3eddcceb0708f12419ab9a17
- SSDEEP
  
  1536:9Q8hoOAesfYvcyjfS3H9yl8Q1pmdBcxedLxNDI9L27BqfB:ymb3NkkiQ3mdBjFI9cqfB
Score

10^/10

blackmoon banker discovery trojan upx
- Blackmoon, KrBanker
  Blackmoon also known as KrBanker is banking trojan first discovered in early 2014.
  trojan banker blackmoon
- Detect Blackmoon payload
- Executes dropped EXE
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

blackmoonbankerdiscoverytrojanupx

behavioral2

blackmoonbankerdiscoverytrojanupx

© 2018-2025

Terms | Privacy