General

  • Target

    NEAS.9190d1cdbd42698864fce3db51cd19c0.exe

  • Size

    338KB

  • Sample

    231016-w4trnsgb9s

  • MD5

    9190d1cdbd42698864fce3db51cd19c0

  • SHA1

    aff22caa76cd45a9f99038c316bf86374cea9331

  • SHA256

    e3f7d7b645d00638f392f0c35a3c751e6094bb90986b1978f939f5dd3b7029c5

  • SHA512

    1646a20204ac6ee07b444cb797ddde37c896b96c6e96e594213e1d2d141c0197186d677a646051c0e934d63807801293b4304c3e06e41531168d24862b47427f

  • SSDEEP

    3072:PhOm2sI93UufdC67cihfmCiiiXAsACF486jC1IjJV:Pcm7ImGddXtWrXD486jCg

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
