blackmoon | 1459458a4278014c86d635f1f259dc9e37c08e8417c2a89a45e8527a956b7a4d | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

3

1459458a42...4d.exe

windows7-x64

1459458a42...4d.exe

windows10-2004-x64

Sharing

General

Target

1459458a4278014c86d635f1f259dc9e37c08e8417c2a89a45e8527a956b7a4d
Size

68KB
Sample

241009-xd5xpawbpe
MD5

db485556bfa88b743ded11de0bb80807
SHA1

1e235382e05074c24134516999a4d06d4ee35eeb
SHA256

1459458a4278014c86d635f1f259dc9e37c08e8417c2a89a45e8527a956b7a4d
SHA512

2c88c455fb51d2582a82983db802fd6ad273a282aa8b9b9f6e1d51285bb4686c65a194b4b73be59ce60fdc50e427e62cc539028157b059944555c9a2ad2bd2ca
SSDEEP

1536:9Q8hoOAesfYvcyjfS3H9yl8Q1pmdBcxedLxNDIug6bL6Nl1B:ymb3NkkiQ3mdBjFIugptB

Score

10^/10

blackmoon banker discovery trojan upx

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

1459458a4278014c86d635f1f259dc9e37c08e8417c2a89a45e8527a956b7a4d.exe

Resource

win7-20240903-en

blackmoon banker discovery trojan upx

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

1459458a4278014c86d635f1f259dc9e37c08e8417c2a89a45e8527a956b7a4d.exe

Resource

win10v2004-20241007-en

blackmoon banker discovery trojan upx

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Targets

- Target
  
  1459458a4278014c86d635f1f259dc9e37c08e8417c2a89a45e8527a956b7a4d
- Size
  
  68KB
- MD5
  
  db485556bfa88b743ded11de0bb80807
- SHA1
  
  1e235382e05074c24134516999a4d06d4ee35eeb
- SHA256
  
  1459458a4278014c86d635f1f259dc9e37c08e8417c2a89a45e8527a956b7a4d
- SHA512
  
  2c88c455fb51d2582a82983db802fd6ad273a282aa8b9b9f6e1d51285bb4686c65a194b4b73be59ce60fdc50e427e62cc539028157b059944555c9a2ad2bd2ca
- SSDEEP
  
  1536:9Q8hoOAesfYvcyjfS3H9yl8Q1pmdBcxedLxNDIug6bL6Nl1B:ymb3NkkiQ3mdBjFIugptB
Score

10^/10

blackmoon banker discovery trojan upx
- Blackmoon, KrBanker
  Blackmoon also known as KrBanker is banking trojan first discovered in early 2014.
  trojan banker blackmoon
- Detect Blackmoon payload
- Executes dropped EXE
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

blackmoonbankerdiscoverytrojanupx

behavioral2

blackmoonbankerdiscoverytrojanupx

© 2018-2025

Terms | Privacy