General

  • Target

    NEAS.d65fd0d1906a8b16a663225319a947c0.exe

  • Size

    69KB

  • Sample

    231014-xyjvyshb8y

  • MD5

    d65fd0d1906a8b16a663225319a947c0

  • SHA1

    f56bbc2f7dc3a639314676e8e405608a562f5736

  • SHA256

    5d662339b6b82304e87696c2c5c22af13b3c1799d9d160853deb902d34118c97

  • SHA512

    0506022975d8d9076cd54d58581c70963a79e0e7c469eea5cfe776f0a2494035253ab3dbdea11a1766ed3b6fda8457abfe74e2551237283460b6744faba2db20

  • SSDEEP

    1536:ivQBeOGtrYS3srx93UBWfwC6Ggnouy8mUm94FtQUT:ihOmTsF93UYfwC6GIoutmd94DQUT

Targets

    • Target

      NEAS.d65fd0d1906a8b16a663225319a947c0.exe

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified version of it.
