blackmoon | 7a3ab1c009b5d827ab2245cb26cb9c70999542ebc0c4f40d97ca4116421cfad4 | Triage

Submit
Reports

Overview

overview

Static

static

yunyu1.dll

windows10-2004-x64

out.dll

windows10-2004-x64

3

Sharing

General

Target

yunyu1.dll
Size

3.3MB
Sample

250402-cq92yssmv6
MD5

5cebb26986fc489229f5c83efeff3edb
SHA1

394d4ec00bbed12415f6f7df068f76606b2fb9b8
SHA256

7a3ab1c009b5d827ab2245cb26cb9c70999542ebc0c4f40d97ca4116421cfad4
SHA512

61af80903d690a01c7c542b050654be5f318099871a7ba602ecf79a6f7d335f172b10f5cac33cb7139dd7773b68f236a8f8e4dd482486197fb7b81288900e99f
SSDEEP

98304:wSm9lpNfXVZI057IFL1v0X+JMYE49Lt5UrrIz+6Kf6g/FUKZeRn2RXA09LWBpSv6:wSYUq+JMcKIz7KvFM2SBpSc78T9W7

Score

10^/10

blackmoon banker discovery trojan upx

Static task

static1

5 signatures

Behavioral task

behavioral1

Sample

yunyu1.dll

Resource

win10v2004-20250314-en

blackmoon banker discovery trojan upx

windows10-2004-x64

8 signatures

600 seconds

Behavioral task

behavioral2

Sample

out.dll

Resource

win10v2004-20250314-en

windows10-2004-x64

3 signatures

600 seconds

Malware Config

Targets

- Target
  
  yunyu1.dll
- Size
  
  3.3MB
- MD5
  
  5cebb26986fc489229f5c83efeff3edb
- SHA1
  
  394d4ec00bbed12415f6f7df068f76606b2fb9b8
- SHA256
  
  7a3ab1c009b5d827ab2245cb26cb9c70999542ebc0c4f40d97ca4116421cfad4
- SHA512
  
  61af80903d690a01c7c542b050654be5f318099871a7ba602ecf79a6f7d335f172b10f5cac33cb7139dd7773b68f236a8f8e4dd482486197fb7b81288900e99f
- SSDEEP
  
  98304:wSm9lpNfXVZI057IFL1v0X+JMYE49Lt5UrrIz+6Kf6g/FUKZeRn2RXA09LWBpSv6:wSYUq+JMcKIz7KvFM2SBpSc78T9W7
Score

10^/10

blackmoon banker discovery trojan upx
- Blackmoon family
  blackmoon
- Blackmoon, KrBanker
  Blackmoon also known as KrBanker is banking trojan first discovered in early 2014.
  trojan banker blackmoon
- Detect Blackmoon payload
- Blocklisted process makes network request
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1
- Target
  
  out.upx
- Size
  
  5.2MB
- MD5
  
  a6c20cc2b0c76b08a2f0b5d93b92238c
- SHA1
  
  e8b49bcba584c9069f5cd46f8f778695ef3cc451
- SHA256
  
  0e5f21a9cf5f45cc5e234f50607af35fef93b07f4ae1bc1aa6ed32208876a2f0
- SHA512
  
  7da9073055be2c43d7356c5b270e700b14626d8aa0b9420c505d5ae3ffaf2c5e66a2153874a545554fbd23ae69c1411595cf009d57793d002612e0d7f95994ed
- SSDEEP
  
  98304:esAid9NFt0paacMXCTZlrxDmAFWueTLNfaEON:esAiBgaBMwZldFWT5faEa
Score

3^/10

discovery
behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

blackmoonbankerdiscoverytrojanupx

behavioral2

© 2018-2025

Terms | Privacy