General

  • Target

    NEAS.104fac7c3404ead1999ad842d6ad5d60.exe

  • Size

    451KB

  • Sample

    231022-vahxmsdb23

  • MD5

    104fac7c3404ead1999ad842d6ad5d60

  • SHA1

    27dfe16bfb50489e98574e6e29d21cc0630754cc

  • SHA256

    d58a4ca5ac9bde1abf1ecfbc923e59123f8b002d9f03ef1ed50c313d11f273e5

  • SHA512

    da254bea36e17c8aba9430dc3ec9ca323631220cffd90e3d4d185279a9c7a3048bc3f5fd825de7110ff7e6a1fe558a810934e35a8b76de0c481ea5f0f5eb6bcc

  • SSDEEP

    12288:y4wFHoS3eFp3IDvSbh5nPYERAAUDCa4NYm5:HFp3lz1XUDCaGYm5

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
