General

  • Target

    NEAS.2ff66d35316b1f82c3990b6b7273a360.exe

  • Size

    275KB

  • Sample

    231013-ytfheahh27

  • MD5

    2ff66d35316b1f82c3990b6b7273a360

  • SHA1

    f2daaa819d32d8396f3cd8154a2ee8b577c1ffeb

  • SHA256

    a068f1d5689b3d8c9e0186afcc9c29d4656f1a29622dd5b3f086f5576c6d4bb8

  • SHA512

    f2b1f3e1efa4782b6d5fcae5d45a89bf0a5af605c8f91eaecd738d5eb9309eb9627cb6093dba6b7fbd5cc3d1e3a0d61b9d1f5fc38eaf2298d28793db6429f01a

  • SSDEEP

    3072:ThOm2sI93UufdC67cipfmCiiiXAQ5lpBoGYwNNhu0CzhKP3:Tcm7ImGddXlWrXF5lpKGYV0wh63

Targets

    • Target

      NEAS.2ff66d35316b1f82c3990b6b7273a360.exe

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
