General

  • Target

    NEAS.319ef620f7255754f8f5ce907a60a5b0.exe

  • Size

    117KB

  • Sample

    231013-yyrq8saa86

  • MD5

    319ef620f7255754f8f5ce907a60a5b0

  • SHA1

    17c95751e5b8aa2f822cc166938d616bb9e6f67b

  • SHA256

    eca8557589f514cab21f640254483c1b38a24328ad13d3c7c7fa3d3962afc5af

  • SHA512

    80f36032a01931943a9d9acf267884f595c9091d2f1216548b7a56fbf9d9732367c5719db5bbd42e99f900e756b0024f23fbfd0e85736503082dd83713e572b4

  • SSDEEP

    3072:chOmTsF93UYfwC6GIout5pi8rY9AABa1YRMxr0O:ccm4FmowdHoS5ddWhRlO

Targets

    • Target

      NEAS.319ef620f7255754f8f5ce907a60a5b0.exe

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
