General

  • Target

    NEAS.d6eb5bb7c4e63dd620eb9fc4d0f35e60.exe

  • Size

    74KB

  • Sample

    231013-zh7cesbb88

  • MD5

    d6eb5bb7c4e63dd620eb9fc4d0f35e60

  • SHA1

    6e64137dcb4c0683379247160bbc309e9c2efd98

  • SHA256

    1dd8d5b98e260169afecc4b5ad65360aacfcd8df1997b20159daa8bbd6b39c8a

  • SHA512

    5195bff6b0aa827eef7f557822048cab8736e1531e0681917647a3dbcb0d933d36d59e5a288bc6f0f014957c79e68d167bfd7497428a251dfcfe25a8f9c4e2fc

  • SSDEEP

    1536:0vQBeOGtrYS3srx93UBWfwC6Ggnouy8CUYj7qxXksNfOvRQvQn:0hOmTsF93UYfwC6GIoutXtksNWvR/

Targets

    • Target

      NEAS.d6eb5bb7c4e63dd620eb9fc4d0f35e60.exe

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
