blackmoon | ad5236a2a757a0605d5cfa9d615046ff3397ff9a71189ce1d1c1adc4e0db191a | Triage

Submit
Reports

Overview

overview

Static

static

3

ad5236a2a7...1a.exe

windows7-x64

ad5236a2a7...1a.exe

windows10-2004-x64

Sharing

General

Target

ad5236a2a757a0605d5cfa9d615046ff3397ff9a71189ce1d1c1adc4e0db191a
Size

456KB
Sample

250120-kzprdasjap
MD5

254f06adf78ae1223269f6dd14b3d2e8
SHA1

67ecc863e8c699c82f5223f4dece78cfbb378528
SHA256

ad5236a2a757a0605d5cfa9d615046ff3397ff9a71189ce1d1c1adc4e0db191a
SHA512

b8fd4fce9cd71a69f0b4908447309108b2c414e401377bce109a3ada4c21dbc6253e45e5f8308b6f0dd5a6d2a3827511d3bf347b1d8efa499b44844753803a09
SSDEEP

6144:8cm7ImGddXmNt251UriZFwfsDX2UznsaFVNJCMKAbeRl:q7Tc2NYHUrAwfMp3CDRl

Score

10^/10

blackmoon banker discovery trojan upx

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

ad5236a2a757a0605d5cfa9d615046ff3397ff9a71189ce1d1c1adc4e0db191a.exe

Resource

win7-20240903-en

blackmoon banker discovery trojan upx

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

ad5236a2a757a0605d5cfa9d615046ff3397ff9a71189ce1d1c1adc4e0db191a.exe

Resource

win10v2004-20241007-en

blackmoon banker discovery trojan upx

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Targets

- Target
  
  ad5236a2a757a0605d5cfa9d615046ff3397ff9a71189ce1d1c1adc4e0db191a
- Size
  
  456KB
- MD5
  
  254f06adf78ae1223269f6dd14b3d2e8
- SHA1
  
  67ecc863e8c699c82f5223f4dece78cfbb378528
- SHA256
  
  ad5236a2a757a0605d5cfa9d615046ff3397ff9a71189ce1d1c1adc4e0db191a
- SHA512
  
  b8fd4fce9cd71a69f0b4908447309108b2c414e401377bce109a3ada4c21dbc6253e45e5f8308b6f0dd5a6d2a3827511d3bf347b1d8efa499b44844753803a09
- SSDEEP
  
  6144:8cm7ImGddXmNt251UriZFwfsDX2UznsaFVNJCMKAbeRl:q7Tc2NYHUrAwfMp3CDRl
Score

10^/10

blackmoon banker discovery trojan upx
- Blackmoon family
  blackmoon
- Blackmoon, KrBanker
  Blackmoon also known as KrBanker is banking trojan first discovered in early 2014.
  trojan banker blackmoon
- Detect Blackmoon payload
- Executes dropped EXE
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

blackmoonbankerdiscoverytrojanupx

behavioral2

blackmoonbankerdiscoverytrojanupx

© 2018-2025

Terms | Privacy