blackmoon | a357d1cf9a73373b436220c52a127800fca57127b6479653db3a90e08b894806 | Triage

Submit
Reports

Overview

overview

Static

static

5

a357d1cf9a...6N.exe

windows7-x64

a357d1cf9a...6N.exe

windows10-2004-x64

Sharing

General

Target

a357d1cf9a73373b436220c52a127800fca57127b6479653db3a90e08b894806N.exe
Size

79KB
Sample

241219-b9tnmssnaj
MD5

8ea95fca637773558f2e3d4360a02ed0
SHA1

7ca368a7397acf854d954f326d381118530ac5b9
SHA256

a357d1cf9a73373b436220c52a127800fca57127b6479653db3a90e08b894806
SHA512

203b0c42d48ae823b5ee657d709b0fd0d9ac966208318d0f1fe2371ad5bdbd8c852b83a3791cc51f98a92740e36a7a0e0dfd7a731b33865e9994983888738095
SSDEEP

1536:xvQBeOGtrYS3srx93UBWfwC6Ggnouy82F13w1rCJtzx8/p7ke2f:xhOmTsF93UYfwC6GIout03LzGFK

Score

10^/10

blackmoon banker discovery trojan upx

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

a357d1cf9a73373b436220c52a127800fca57127b6479653db3a90e08b894806N.exe

Resource

win7-20240903-en

blackmoon banker discovery trojan upx

windows7-x64

7 signatures

120 seconds

Behavioral task

behavioral2

Sample

a357d1cf9a73373b436220c52a127800fca57127b6479653db3a90e08b894806N.exe

Resource

win10v2004-20241007-en

blackmoon banker discovery trojan upx

windows10-2004-x64

7 signatures

120 seconds

Malware Config

Targets

- Target
  
  a357d1cf9a73373b436220c52a127800fca57127b6479653db3a90e08b894806N.exe
- Size
  
  79KB
- MD5
  
  8ea95fca637773558f2e3d4360a02ed0
- SHA1
  
  7ca368a7397acf854d954f326d381118530ac5b9
- SHA256
  
  a357d1cf9a73373b436220c52a127800fca57127b6479653db3a90e08b894806
- SHA512
  
  203b0c42d48ae823b5ee657d709b0fd0d9ac966208318d0f1fe2371ad5bdbd8c852b83a3791cc51f98a92740e36a7a0e0dfd7a731b33865e9994983888738095
- SSDEEP
  
  1536:xvQBeOGtrYS3srx93UBWfwC6Ggnouy82F13w1rCJtzx8/p7ke2f:xhOmTsF93UYfwC6GIout03LzGFK
Score

10^/10

blackmoon banker discovery trojan upx
- Blackmoon family
  blackmoon
- Blackmoon, KrBanker
  Blackmoon also known as KrBanker is banking trojan first discovered in early 2014.
  trojan banker blackmoon
- Detect Blackmoon payload
- Executes dropped EXE
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

blackmoonbankerdiscoverytrojanupx

behavioral2

blackmoonbankerdiscoverytrojanupx

© 2018-2025

Terms | Privacy