General

  • Target

    NEAS.9ec6b081e95fc8cd175e55e0158f0860.exe

  • Size

    67KB

  • Sample

    231016-w532qsgh31

  • MD5

    9ec6b081e95fc8cd175e55e0158f0860

  • SHA1

    3eb63987b8f7c935865a116a4fc118d13c658a89

  • SHA256

    1d9569b703443cbe4262d20e2983a3f33817ac9d4259013cb1066c70f934875e

  • SHA512

    eabbdb301e89f4df680ebcfec06802f5891926fe61387b182b7b34035ea46880706add3f8f24267eb1bb5e9a85799c3cf8eff7e84f2c4653d2111138466e6c1a

  • SSDEEP

    1536:9Q8hoOAesfYvcyjfS3H9yl8Q1pmdBcxedLxNDo7Z:ymb3NkkiQ3mdBjFo7Z

Targets

    • Target

      NEAS.9ec6b081e95fc8cd175e55e0158f0860.exe

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
