General

  • Target

    NEAS.c5ea32ae497af4390cfe2a8ef7337430.exe

  • Size

    91KB

  • Sample

    231016-w9gpasba5x

  • MD5

    c5ea32ae497af4390cfe2a8ef7337430

  • SHA1

    7b4e601378cf8c9b864c1c7f0438dd1af88c52f8

  • SHA256

    1c99bb5dda234a869e9df9ca9c7e29399a388a4c88329658af43ccc1d1aca4e4

  • SHA512

    92efdaf8e7ba111844eb3e7a240746777f2c766781354174567c8a8f1ec38fd3533b18a0023ad1244a28ecd5234ee22ca7c9b31a640aa9356dcfcdb57631d7be

  • SSDEEP

    1536:9Q8hoOAesfYvcyjfS3H9yl8Q1pmdBcxedLxNDo73XH/YP1HFrJximAAxE6vr/mA4:ymb3NkkiQ3mdBjFo73PYP1lri3KVT+b5

Targets

    • Target

      NEAS.c5ea32ae497af4390cfe2a8ef7337430.exe

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
