blackmoon | 4ec7b59805a6c10578ff1bc59139279e3ef1289357a2baa4d9ea075e84a0d2b3 | Triage

Submit
Reports

Overview

overview

Static

static

5

CF烈焰[�...-1.exe

windows10-2004-x64

CF烈焰[�...-1.exe

windows11-21h2-x64

Sharing

General

Target

JaffaCakes118_cb6e02a3959d25f62b76afc3fb8d6150
Size

531KB
Sample

250421-3k1t7sxwgz
MD5

cb6e02a3959d25f62b76afc3fb8d6150
SHA1

666d59acfe8836e72d377b96804d3611e9db83c5
SHA256

4ec7b59805a6c10578ff1bc59139279e3ef1289357a2baa4d9ea075e84a0d2b3
SHA512

9c6a20a7dabbd82e0c457a62288a396cabeac963e2e969049cbdf5974a4754c3e35bd2e102d8daa205cefb8d2d2f37ee6f54c4485ff9db80d0693ec6336eac5e
SSDEEP

12288:bWS5ZCOYUHS9fcYt1RSsDM+x7GgZ0BRwLY4wJ7:lj7YUHStcYt1RSWlGgZwRwpwJ7

Score

10^/10

blackmoon banker discovery trojan upx

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

CF烈焰[体验服二区]全能BT辅助0421-1.exe

Resource

win10v2004-20250313-en

blackmoon banker discovery trojan upx

windows10-2004-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

CF烈焰[体验服二区]全能BT辅助0421-1.exe

Resource

win11-20250410-en

blackmoon banker discovery trojan upx

windows11-21h2-x64

7 signatures

150 seconds

Malware Config

Targets

- Target
  
  CF烈焰[体验服二区]全能BT辅助0421-1.exe
- Size
  
  613KB
- MD5
  
  2f82abf3e6a38fc68c6b3c3c20891261
- SHA1
  
  06e85c92bc99a631e95fe0b9ea22ad1caa1ca61f
- SHA256
  
  18cca38b90ada1ba589b098d3ce6cf7bb67b3c78af4915ac8d86550938890c6f
- SHA512
  
  2d388ade2cd7e132d9ba15d41832bbe6957d02ddecd508888f6336aee41f3f247b8bf4ad1a2be9c158141cd43f73af48c8b53059b03c1c82977ac7ba9fa9690c
- SSDEEP
  
  12288:751bFEi43Wxacp9cD23o4bUQ9bIL43LBiR5XfbxZBd0nR+dOy9cgxp19:VFFdx7cK3o4bUQlIE7BiRdbx3d6kcm19
Score

10^/10

blackmoon banker discovery trojan upx
- Blackmoon family
  blackmoon
- Blackmoon, KrBanker
  Blackmoon also known as KrBanker is banking trojan first discovered in early 2014.
  trojan banker blackmoon
- Detect Blackmoon payload
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v16

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

blackmoonbankerdiscoverytrojanupx

behavioral2

blackmoonbankerdiscoverytrojanupx

© 2018-2025

Terms | Privacy