blackmoon | 3d3db526d07b23f2152b9172a97544073909a076fabab53cc3b1d9f2d9fb7a7e | Triage

Submit
Reports

Overview

overview

Static

static

5

3d3db526d0...7e.exe

windows7-x64

3d3db526d0...7e.exe

windows10-2004-x64

Sharing

General

Target

3d3db526d07b23f2152b9172a97544073909a076fabab53cc3b1d9f2d9fb7a7e
Size

535KB
Sample

241217-vefm3ssrev
MD5

873c34d12fadd474f4bac5aa688175cf
SHA1

e43f85267a113904f00630db14b82a0cf961e5dd
SHA256

3d3db526d07b23f2152b9172a97544073909a076fabab53cc3b1d9f2d9fb7a7e
SHA512

0b34c0848e2c8fd4886f7ffe6d2941b6817d406989ebc4a7b215f5a5ff7c7139506e8799fe34dca7aec939317ff3fe0a76044e77086ee5a1a9b282f5fb2328da
SSDEEP

12288:NvGfnR+qI1WvLMSPQEU86m8aqKh4J3sujfKd9bIN9LGoS:Nv8Y0L9J8aqM4muKdyTL

Score

10^/10

blackmoon banker discovery trojan upx

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

3d3db526d07b23f2152b9172a97544073909a076fabab53cc3b1d9f2d9fb7a7e.exe

Resource

win7-20240903-en

blackmoon banker discovery trojan upx

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

3d3db526d07b23f2152b9172a97544073909a076fabab53cc3b1d9f2d9fb7a7e.exe

Resource

win10v2004-20241007-en

blackmoon banker discovery trojan upx

windows10-2004-x64

8 signatures

150 seconds

Malware Config

Targets

- Target
  
  3d3db526d07b23f2152b9172a97544073909a076fabab53cc3b1d9f2d9fb7a7e
- Size
  
  535KB
- MD5
  
  873c34d12fadd474f4bac5aa688175cf
- SHA1
  
  e43f85267a113904f00630db14b82a0cf961e5dd
- SHA256
  
  3d3db526d07b23f2152b9172a97544073909a076fabab53cc3b1d9f2d9fb7a7e
- SHA512
  
  0b34c0848e2c8fd4886f7ffe6d2941b6817d406989ebc4a7b215f5a5ff7c7139506e8799fe34dca7aec939317ff3fe0a76044e77086ee5a1a9b282f5fb2328da
- SSDEEP
  
  12288:NvGfnR+qI1WvLMSPQEU86m8aqKh4J3sujfKd9bIN9LGoS:Nv8Y0L9J8aqM4muKdyTL
Score

10^/10

blackmoon banker discovery trojan upx
- Blackmoon family
  blackmoon
- Blackmoon, KrBanker
  Blackmoon also known as KrBanker is banking trojan first discovered in early 2014.
  trojan banker blackmoon
- Detect Blackmoon payload
- Drops file in System32 directory
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

blackmoonbankerdiscoverytrojanupx

behavioral2

blackmoonbankerdiscoverytrojanupx

© 2018-2025

Terms | Privacy