blackmoon | 674b532a02107996c7bf4c765597d6a7105d99203411026e2f55bfa918c48f3e | Triage

Submit
Reports

Overview

overview

Static

static

3

674b532a02...eN.exe

windows7-x64

674b532a02...eN.exe

windows10-2004-x64

Sharing

General

Target

674b532a02107996c7bf4c765597d6a7105d99203411026e2f55bfa918c48f3eN.exe
Size

96KB
Sample

241219-y4xjnsyqhj
MD5

794b87e935c8f13cb7bda43dce397910
SHA1

20dfeeba86c5fb509aabd618ab9e7d78e6649076
SHA256

674b532a02107996c7bf4c765597d6a7105d99203411026e2f55bfa918c48f3e
SHA512

0a3da19732367086c6d7d61d6eecd92662dc1ba8d57e68d1c6a233c607d24a9c6ed3d267fa3e9838b0bc2585193ce47c5a8824cae7911ea2816580375ec5d1d7
SSDEEP

1536:9Q8hoOAesfYvcyjfS3H9yl8Q1pmdBcxedLxNDo7xCkTsIRwnohZkqR4Ra13vYlXO:ymb3NkkiQ3mdBjFo7LAIRUohDmRIL

Score

10^/10

blackmoon banker discovery trojan upx

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

674b532a02107996c7bf4c765597d6a7105d99203411026e2f55bfa918c48f3eN.exe

Resource

win7-20240903-en

blackmoon banker discovery trojan upx

windows7-x64

7 signatures

120 seconds

Behavioral task

behavioral2

Sample

674b532a02107996c7bf4c765597d6a7105d99203411026e2f55bfa918c48f3eN.exe

Resource

win10v2004-20241007-en

blackmoon banker discovery trojan upx

windows10-2004-x64

7 signatures

120 seconds

Malware Config

Targets

- Target
  
  674b532a02107996c7bf4c765597d6a7105d99203411026e2f55bfa918c48f3eN.exe
- Size
  
  96KB
- MD5
  
  794b87e935c8f13cb7bda43dce397910
- SHA1
  
  20dfeeba86c5fb509aabd618ab9e7d78e6649076
- SHA256
  
  674b532a02107996c7bf4c765597d6a7105d99203411026e2f55bfa918c48f3e
- SHA512
  
  0a3da19732367086c6d7d61d6eecd92662dc1ba8d57e68d1c6a233c607d24a9c6ed3d267fa3e9838b0bc2585193ce47c5a8824cae7911ea2816580375ec5d1d7
- SSDEEP
  
  1536:9Q8hoOAesfYvcyjfS3H9yl8Q1pmdBcxedLxNDo7xCkTsIRwnohZkqR4Ra13vYlXO:ymb3NkkiQ3mdBjFo7LAIRUohDmRIL
Score

10^/10

blackmoon banker discovery trojan upx
- Blackmoon family
  blackmoon
- Blackmoon, KrBanker
  Blackmoon also known as KrBanker is banking trojan first discovered in early 2014.
  trojan banker blackmoon
- Detect Blackmoon payload
- Executes dropped EXE
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

blackmoonbankerdiscoverytrojanupx

behavioral2

blackmoonbankerdiscoverytrojanupx

© 2018-2025

Terms | Privacy