Overview

overview

10

Static

static

3

NEAS.df266...60.exe

windows7-x64

10

NEAS.df266...60.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    NEAS.df2664c4557845d73d3e8b379733a260.exe

  • Size

    66KB

  • Sample

    231014-xzhz2sbe76

  • MD5

    df2664c4557845d73d3e8b379733a260

  • SHA1

    f29a59fa98bfbd043821b2a5b3a370dc2c2895aa

  • SHA256

    998277ea27c2f3491127c6fa0a4a001690e9d49f67ae9551a66e3e0f502cc8b1

  • SHA512

    dda74c040354d7ed7a196b4b4d50ffeebfb714b2170867e10bab67f8f49170b91b0e24de98ed9ef2014e424f5ce0ccd58660fbf6af57e53a698565364d59c140

  • SSDEEP

    1536:9Q8hoOAesfYvcyjfS3H9yl8Q1pmdBcxedLxNDoLU1gV0:ymb3NkkiQ3mdBjFoLkI0

Score
10/10
blackmoonbankertrojanupx

Malware Config

Targets

    • Target

      NEAS.df2664c4557845d73d3e8b379733a260.exe

    • Size

      66KB

    • MD5

      df2664c4557845d73d3e8b379733a260

    • SHA1

      f29a59fa98bfbd043821b2a5b3a370dc2c2895aa

    • SHA256

      998277ea27c2f3491127c6fa0a4a001690e9d49f67ae9551a66e3e0f502cc8b1

    • SHA512

      dda74c040354d7ed7a196b4b4d50ffeebfb714b2170867e10bab67f8f49170b91b0e24de98ed9ef2014e424f5ce0ccd58660fbf6af57e53a698565364d59c140

    • SSDEEP

      1536:9Q8hoOAesfYvcyjfS3H9yl8Q1pmdBcxedLxNDoLU1gV0:ymb3NkkiQ3mdBjFoLkI0

    Score
    10/10
    blackmoonbankertrojanupx

    • Blackmoon, KrBanker

      Blackmoon also known as KrBanker is banking trojan first discovered in early 2014.

      trojanbankerblackmoon

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks