General

  • Target

    NEAS.c07f49fd0b72f0116c87da4fbf1fa1f0.exe

  • Size

    292KB

  • Sample

    231016-w8tbpsaf8x

  • MD5

    c07f49fd0b72f0116c87da4fbf1fa1f0

  • SHA1

    a7899e72fb55b04e0f2aa72583ffc945b68fdfd2

  • SHA256

    4bbe6678402483f67181f3a7128f3f1e633727606e33cdf6211c015a599e2c23

  • SHA512

    2db8a897204e3b8426edca420f7aac160c404e73f0d48b17e573dc8f174b0742fe82a53248cefcc2246c5d1e8850076cb0f75eeca7d085d28bc691cffccc49b9

  • SSDEEP

    6144:xcm4FmowdHoSCL6l6Jo6x2f6TLNPzD4mJy9G7avspxceLmbiyLF7LGzXyb30C9Is:74wFHoSCWl6h2iTpzD4mJy9G7aWxceL0

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
