blackmoon | e8e5d4ccef085d9a4472b8d3104e49d8a64ea9f760a1e0fafa5f1ec344b78bc6 | Triage

Submit
Reports

Overview

overview

Static

static

3

e8e5d4ccef...6N.exe

windows7-x64

e8e5d4ccef...6N.exe

windows10-2004-x64

Sharing

General

Target

e8e5d4ccef085d9a4472b8d3104e49d8a64ea9f760a1e0fafa5f1ec344b78bc6N.exe
Size

91KB
Sample

241220-hvflsssngt
MD5

7770a099fcc9d33227caac3b9f782e30
SHA1

a999195d674946804f301b89d9f7a38649f4b2d9
SHA256

e8e5d4ccef085d9a4472b8d3104e49d8a64ea9f760a1e0fafa5f1ec344b78bc6
SHA512

2c62c8600a6fda5274d381167a2c32d9bd68f47d25ddedad9e868c64f1f17043ccc6bc61cfc871fd36759635e049a8f10c6614e9df6ccc0270a27bb8c850d8b6
SSDEEP

1536:9Q8hoOAesfYvcyjfS3H9yl8Q1pmdBcxedLxND+3T4+C2iJvRirE0DmmdL2jqWkBq:ymb3NkkiQ3mdBjF+3TU2iBRioSumWS14

Score

10^/10

blackmoon banker discovery trojan upx

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

e8e5d4ccef085d9a4472b8d3104e49d8a64ea9f760a1e0fafa5f1ec344b78bc6N.exe

Resource

win7-20240708-en

blackmoon banker discovery trojan upx

windows7-x64

7 signatures

120 seconds

Behavioral task

behavioral2

Sample

e8e5d4ccef085d9a4472b8d3104e49d8a64ea9f760a1e0fafa5f1ec344b78bc6N.exe

Resource

win10v2004-20241007-en

blackmoon banker discovery trojan upx

windows10-2004-x64

7 signatures

120 seconds

Malware Config

Targets

- Target
  
  e8e5d4ccef085d9a4472b8d3104e49d8a64ea9f760a1e0fafa5f1ec344b78bc6N.exe
- Size
  
  91KB
- MD5
  
  7770a099fcc9d33227caac3b9f782e30
- SHA1
  
  a999195d674946804f301b89d9f7a38649f4b2d9
- SHA256
  
  e8e5d4ccef085d9a4472b8d3104e49d8a64ea9f760a1e0fafa5f1ec344b78bc6
- SHA512
  
  2c62c8600a6fda5274d381167a2c32d9bd68f47d25ddedad9e868c64f1f17043ccc6bc61cfc871fd36759635e049a8f10c6614e9df6ccc0270a27bb8c850d8b6
- SSDEEP
  
  1536:9Q8hoOAesfYvcyjfS3H9yl8Q1pmdBcxedLxND+3T4+C2iJvRirE0DmmdL2jqWkBq:ymb3NkkiQ3mdBjF+3TU2iBRioSumWS14
Score

10^/10

blackmoon banker discovery trojan upx
- Blackmoon family
  blackmoon
- Blackmoon, KrBanker
  Blackmoon also known as KrBanker is banking trojan first discovered in early 2014.
  trojan banker blackmoon
- Detect Blackmoon payload
- Executes dropped EXE
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

blackmoonbankerdiscoverytrojanupx

behavioral2

blackmoonbankerdiscoverytrojanupx

© 2018-2025

Terms | Privacy