blackmoon | 49b7cef8abda56250f94496f325b824586e33c58502fa7767511a21d5cf21d01 | Triage

Submit
Reports

Overview

overview

Static

static

3

49b7cef8ab...01.exe

windows7-x64

49b7cef8ab...01.exe

windows10-2004-x64

Sharing

General

Target

49b7cef8abda56250f94496f325b824586e33c58502fa7767511a21d5cf21d01
Size

456KB
Sample

250328-yelqwasls6
MD5

aa11e7d4cfcd5c995438fa4704ece465
SHA1

014c94e41baabb3f428f36c2d502bfde3607f73b
SHA256

49b7cef8abda56250f94496f325b824586e33c58502fa7767511a21d5cf21d01
SHA512

9d1dc841aa7c01670ab0982c2ee00575bf97114b99704bb906319e28a37e38bd5ea631f6f15d820b7377a0681b3ed289a064a2654ceed3331cac3235a20740e5
SSDEEP

6144:8cm7ImGddXmNt251UriZFwfsDX2UznsaFVNJCMKAbeX:q7Tc2NYHUrAwfMp3CDX

Score

10^/10

blackmoon banker discovery trojan upx

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

49b7cef8abda56250f94496f325b824586e33c58502fa7767511a21d5cf21d01.exe

Resource

win7-20250207-en

blackmoon banker discovery trojan upx

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

49b7cef8abda56250f94496f325b824586e33c58502fa7767511a21d5cf21d01.exe

Resource

win10v2004-20250314-en

blackmoon banker discovery trojan upx

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Targets

- Target
  
  49b7cef8abda56250f94496f325b824586e33c58502fa7767511a21d5cf21d01
- Size
  
  456KB
- MD5
  
  aa11e7d4cfcd5c995438fa4704ece465
- SHA1
  
  014c94e41baabb3f428f36c2d502bfde3607f73b
- SHA256
  
  49b7cef8abda56250f94496f325b824586e33c58502fa7767511a21d5cf21d01
- SHA512
  
  9d1dc841aa7c01670ab0982c2ee00575bf97114b99704bb906319e28a37e38bd5ea631f6f15d820b7377a0681b3ed289a064a2654ceed3331cac3235a20740e5
- SSDEEP
  
  6144:8cm7ImGddXmNt251UriZFwfsDX2UznsaFVNJCMKAbeX:q7Tc2NYHUrAwfMp3CDX
Score

10^/10

blackmoon banker discovery trojan upx
- Blackmoon family
  blackmoon
- Blackmoon, KrBanker
  Blackmoon also known as KrBanker is banking trojan first discovered in early 2014.
  trojan banker blackmoon
- Detect Blackmoon payload
- Executes dropped EXE
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

blackmoonbankerdiscoverytrojanupx

behavioral2

blackmoonbankerdiscoverytrojanupx

© 2018-2025

Terms | Privacy