blackmoon | 166d075e0dfeb7618231a5da3953ff9abf01a83c664f5a757b67d48ff6bebebe | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

3

166d075e0d...be.exe

windows7-x64

166d075e0d...be.exe

windows10-2004-x64

Sharing

General

Target

166d075e0dfeb7618231a5da3953ff9abf01a83c664f5a757b67d48ff6bebebe.exe
Size

455KB
Sample

241226-y3azaaykgq
MD5

730024d670661855cc6d71257a5b8981
SHA1

619f085c62270414c08f9877756192b29ae183a6
SHA256

166d075e0dfeb7618231a5da3953ff9abf01a83c664f5a757b67d48ff6bebebe
SHA512

793f944801d7ffa17af10f03c8c734d6c543f7704cf06284db51f003a8f89365732b0811696aac426c6ffd2ef873be406232482ba2f928b264433d5060c0f184
SSDEEP

6144:8cm7ImGddXmNt251UriZFwfsDX2UznsaFVNJCMKAbe+Y:q7Tc2NYHUrAwfMp3CD+Y

Score

10^/10

blackmoon banker discovery trojan upx

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

166d075e0dfeb7618231a5da3953ff9abf01a83c664f5a757b67d48ff6bebebe.exe

Resource

win7-20240903-en

blackmoon banker discovery trojan upx

windows7-x64

7 signatures

120 seconds

Behavioral task

behavioral2

Sample

166d075e0dfeb7618231a5da3953ff9abf01a83c664f5a757b67d48ff6bebebe.exe

Resource

win10v2004-20241007-en

blackmoon banker discovery trojan upx

windows10-2004-x64

7 signatures

120 seconds

Malware Config

Targets

- Target
  
  166d075e0dfeb7618231a5da3953ff9abf01a83c664f5a757b67d48ff6bebebe.exe
- Size
  
  455KB
- MD5
  
  730024d670661855cc6d71257a5b8981
- SHA1
  
  619f085c62270414c08f9877756192b29ae183a6
- SHA256
  
  166d075e0dfeb7618231a5da3953ff9abf01a83c664f5a757b67d48ff6bebebe
- SHA512
  
  793f944801d7ffa17af10f03c8c734d6c543f7704cf06284db51f003a8f89365732b0811696aac426c6ffd2ef873be406232482ba2f928b264433d5060c0f184
- SSDEEP
  
  6144:8cm7ImGddXmNt251UriZFwfsDX2UznsaFVNJCMKAbe+Y:q7Tc2NYHUrAwfMp3CD+Y
Score

10^/10

blackmoon banker discovery trojan upx
- Blackmoon family
  blackmoon
- Blackmoon, KrBanker
  Blackmoon also known as KrBanker is banking trojan first discovered in early 2014.
  trojan banker blackmoon
- Detect Blackmoon payload
- Executes dropped EXE
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

blackmoonbankerdiscoverytrojanupx

behavioral2

blackmoonbankerdiscoverytrojanupx

© 2018-2025

Terms | Privacy