blackmoon | 31fb62663d933be51a04f0a6d6f54e0b7288404babf7c27e12f7b4bcb56871da | Triage

Submit
Reports

Overview

overview

Static

static

3

31fb62663d...aN.exe

windows7-x64

31fb62663d...aN.exe

windows10-2004-x64

Sharing

General

Target

31fb62663d933be51a04f0a6d6f54e0b7288404babf7c27e12f7b4bcb56871daN.exe
Size

71KB
Sample

241219-d8rtrsxkbl
MD5

66fa6c1fb1547424cebaef7242860150
SHA1

1c1dd06ff332fe1220277b6d065360582719cfc6
SHA256

31fb62663d933be51a04f0a6d6f54e0b7288404babf7c27e12f7b4bcb56871da
SHA512

4ab5bb1d0665d717954d87eafc4b2672add840c52452bbc077f06236a06c6c3fc2554c6709469d30a9b56de934b0713f05f6e93703c6a2441781b0e1405e2473
SSDEEP

1536:9Q8hoOAesfYvcyjfS3H9yl8Q1pmdBcxedLxNDIb0z6Mu/ePS3A89:ymb3NkkiQ3mdBjFI46TQ89

Score

10^/10

blackmoon banker discovery trojan upx

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

31fb62663d933be51a04f0a6d6f54e0b7288404babf7c27e12f7b4bcb56871daN.exe

Resource

win7-20240903-en

blackmoon banker discovery trojan upx

windows7-x64

7 signatures

120 seconds

Behavioral task

behavioral2

Sample

31fb62663d933be51a04f0a6d6f54e0b7288404babf7c27e12f7b4bcb56871daN.exe

Resource

win10v2004-20241007-en

blackmoon banker discovery trojan upx

windows10-2004-x64

7 signatures

120 seconds

Malware Config

Targets

- Target
  
  31fb62663d933be51a04f0a6d6f54e0b7288404babf7c27e12f7b4bcb56871daN.exe
- Size
  
  71KB
- MD5
  
  66fa6c1fb1547424cebaef7242860150
- SHA1
  
  1c1dd06ff332fe1220277b6d065360582719cfc6
- SHA256
  
  31fb62663d933be51a04f0a6d6f54e0b7288404babf7c27e12f7b4bcb56871da
- SHA512
  
  4ab5bb1d0665d717954d87eafc4b2672add840c52452bbc077f06236a06c6c3fc2554c6709469d30a9b56de934b0713f05f6e93703c6a2441781b0e1405e2473
- SSDEEP
  
  1536:9Q8hoOAesfYvcyjfS3H9yl8Q1pmdBcxedLxNDIb0z6Mu/ePS3A89:ymb3NkkiQ3mdBjFI46TQ89
Score

10^/10

blackmoon banker discovery trojan upx
- Blackmoon family
  blackmoon
- Blackmoon, KrBanker
  Blackmoon also known as KrBanker is banking trojan first discovered in early 2014.
  trojan banker blackmoon
- Detect Blackmoon payload
- Executes dropped EXE
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

blackmoonbankerdiscoverytrojanupx

behavioral2

blackmoonbankerdiscoverytrojanupx

© 2018-2025

Terms | Privacy