blackmoon | fe31971659c280308977f5092dec377e63c42d8df18c9d790fab2f08fd88ed57 | Triage

Submit
Reports

Overview

overview

Static

static

3

fe31971659...57.exe

windows7-x64

fe31971659...57.exe

windows10-2004-x64

Sharing

General

Target

fe31971659c280308977f5092dec377e63c42d8df18c9d790fab2f08fd88ed57
Size

487KB
Sample

241220-ln2r8svrfl
MD5

6ee38431c177f390173f0ab32b549408
SHA1

3bf399258a013dec7952affe25b0909579948802
SHA256

fe31971659c280308977f5092dec377e63c42d8df18c9d790fab2f08fd88ed57
SHA512

c523b1a2f4bc774621e6ff64221bb462f372f514c32061839c4852034a390fa5bbfb17d47e45fe393a59f36d2df6b1f3e677e7b116a48d7e0e22d22d89c84dfb
SSDEEP

6144:8cm7ImGddXmNt251UriZFwfsDX2CfNnkymTwaJ3tb:q7Tc2NYHUrAwfMHNnplsp

Score

10^/10

blackmoon banker discovery trojan upx

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

fe31971659c280308977f5092dec377e63c42d8df18c9d790fab2f08fd88ed57.exe

Resource

win7-20240729-en

blackmoon banker discovery trojan upx

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

fe31971659c280308977f5092dec377e63c42d8df18c9d790fab2f08fd88ed57.exe

Resource

win10v2004-20241007-en

blackmoon banker discovery trojan upx

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Targets

- Target
  
  fe31971659c280308977f5092dec377e63c42d8df18c9d790fab2f08fd88ed57
- Size
  
  487KB
- MD5
  
  6ee38431c177f390173f0ab32b549408
- SHA1
  
  3bf399258a013dec7952affe25b0909579948802
- SHA256
  
  fe31971659c280308977f5092dec377e63c42d8df18c9d790fab2f08fd88ed57
- SHA512
  
  c523b1a2f4bc774621e6ff64221bb462f372f514c32061839c4852034a390fa5bbfb17d47e45fe393a59f36d2df6b1f3e677e7b116a48d7e0e22d22d89c84dfb
- SSDEEP
  
  6144:8cm7ImGddXmNt251UriZFwfsDX2CfNnkymTwaJ3tb:q7Tc2NYHUrAwfMHNnplsp
Score

10^/10

blackmoon banker discovery trojan upx
- Blackmoon family
  blackmoon
- Blackmoon, KrBanker
  Blackmoon also known as KrBanker is banking trojan first discovered in early 2014.
  trojan banker blackmoon
- Detect Blackmoon payload
- Executes dropped EXE
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

blackmoonbankerdiscoverytrojanupx

behavioral2

blackmoonbankerdiscoverytrojanupx

© 2018-2025

Terms | Privacy