blackmoon | 52825affd9856594d5140fd5a80d8571fd116cce412985f713cf61063a0d4fdb | Triage

Submit
Reports

Overview

overview

Static

static

3

52825affd9...db.exe

windows7-x64

52825affd9...db.exe

windows10-2004-x64

Sharing

General

Target

52825affd9856594d5140fd5a80d8571fd116cce412985f713cf61063a0d4fdb
Size

456KB
Sample

250328-y9h88s1tgt
MD5

b8b06189ddbb0454b6b3fd2c8261bd22
SHA1

a011dc28a25e5eef6deb7470f087a9a6f63d158b
SHA256

52825affd9856594d5140fd5a80d8571fd116cce412985f713cf61063a0d4fdb
SHA512

e25cd2652e59b314e54b4920690f697dcec1f66eee3cb7eddeb3934577f6b9afe94ac2f54d16dcce91727f56ef7753bb8106d0d91ba09ae8e62cf44372de4d4b
SSDEEP

6144:8cm7ImGddXmNt251UriZFwfsDX2UznsaFVNJCMKAbeSi:q7Tc2NYHUrAwfMp3CDSi

Score

10^/10

blackmoon banker discovery trojan upx

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

52825affd9856594d5140fd5a80d8571fd116cce412985f713cf61063a0d4fdb.exe

Resource

win7-20241010-en

blackmoon banker discovery trojan upx

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

52825affd9856594d5140fd5a80d8571fd116cce412985f713cf61063a0d4fdb.exe

Resource

win10v2004-20250314-en

blackmoon banker discovery trojan upx

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Targets

- Target
  
  52825affd9856594d5140fd5a80d8571fd116cce412985f713cf61063a0d4fdb
- Size
  
  456KB
- MD5
  
  b8b06189ddbb0454b6b3fd2c8261bd22
- SHA1
  
  a011dc28a25e5eef6deb7470f087a9a6f63d158b
- SHA256
  
  52825affd9856594d5140fd5a80d8571fd116cce412985f713cf61063a0d4fdb
- SHA512
  
  e25cd2652e59b314e54b4920690f697dcec1f66eee3cb7eddeb3934577f6b9afe94ac2f54d16dcce91727f56ef7753bb8106d0d91ba09ae8e62cf44372de4d4b
- SSDEEP
  
  6144:8cm7ImGddXmNt251UriZFwfsDX2UznsaFVNJCMKAbeSi:q7Tc2NYHUrAwfMp3CDSi
Score

10^/10

blackmoon banker discovery trojan upx
- Blackmoon family
  blackmoon
- Blackmoon, KrBanker
  Blackmoon also known as KrBanker is banking trojan first discovered in early 2014.
  trojan banker blackmoon
- Detect Blackmoon payload
- Executes dropped EXE
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

blackmoonbankerdiscoverytrojanupx

behavioral2

blackmoonbankerdiscoverytrojanupx

© 2018-2025

Terms | Privacy