blackmoon | 3b0dc89475af68a7d4f52088f48bcc2633c58d1f46b7fd7f2a5b66663d8a12e5 | Triage

Submit
Reports

Overview

overview

Static

static

5

3b0dc89475...5N.exe

windows7-x64

3b0dc89475...5N.exe

windows10-2004-x64

Sharing

General

Target

3b0dc89475af68a7d4f52088f48bcc2633c58d1f46b7fd7f2a5b66663d8a12e5N.exe
Size

67KB
Sample

241219-ke728axjdv
MD5

e9941016f1ec9341b0292b4fec81b700
SHA1

2fc9acb4124955e5ef0c90ce63a83cfb710dbd17
SHA256

3b0dc89475af68a7d4f52088f48bcc2633c58d1f46b7fd7f2a5b66663d8a12e5
SHA512

b5c7b2d8b1428dcfc12e21c59cc6c7938feea84af51c784165ef6b7a864ca80fa09f56876e8c32ebcdadff4f7e02d9c832bd31b29dad41b4a8fed41cf986b19a
SSDEEP

1536:/vQBeOGtrYS3srx93UBWfwC6Ggnouy8jb5DiLKrb08I:/hOmTsF93UYfwC6GIoutcKb+

Score

10^/10

blackmoon banker discovery trojan upx

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

3b0dc89475af68a7d4f52088f48bcc2633c58d1f46b7fd7f2a5b66663d8a12e5N.exe

Resource

win7-20241010-en

blackmoon banker discovery trojan upx

windows7-x64

7 signatures

120 seconds

Behavioral task

behavioral2

Sample

3b0dc89475af68a7d4f52088f48bcc2633c58d1f46b7fd7f2a5b66663d8a12e5N.exe

Resource

win10v2004-20241007-en

blackmoon banker discovery trojan upx

windows10-2004-x64

7 signatures

120 seconds

Malware Config

Targets

- Target
  
  3b0dc89475af68a7d4f52088f48bcc2633c58d1f46b7fd7f2a5b66663d8a12e5N.exe
- Size
  
  67KB
- MD5
  
  e9941016f1ec9341b0292b4fec81b700
- SHA1
  
  2fc9acb4124955e5ef0c90ce63a83cfb710dbd17
- SHA256
  
  3b0dc89475af68a7d4f52088f48bcc2633c58d1f46b7fd7f2a5b66663d8a12e5
- SHA512
  
  b5c7b2d8b1428dcfc12e21c59cc6c7938feea84af51c784165ef6b7a864ca80fa09f56876e8c32ebcdadff4f7e02d9c832bd31b29dad41b4a8fed41cf986b19a
- SSDEEP
  
  1536:/vQBeOGtrYS3srx93UBWfwC6Ggnouy8jb5DiLKrb08I:/hOmTsF93UYfwC6GIoutcKb+
Score

10^/10

blackmoon banker discovery trojan upx
- Blackmoon family
  blackmoon
- Blackmoon, KrBanker
  Blackmoon also known as KrBanker is banking trojan first discovered in early 2014.
  trojan banker blackmoon
- Detect Blackmoon payload
- Executes dropped EXE
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

blackmoonbankerdiscoverytrojanupx

behavioral2

blackmoonbankerdiscoverytrojanupx

© 2018-2025

Terms | Privacy