General

  • Target

    NEAS.20bd683805a2facf209fe5f8a6639850.exe

  • Size

    59KB

  • Sample

    231031-ksfvwsbc51

  • MD5

    20bd683805a2facf209fe5f8a6639850

  • SHA1

    1a6766a423ac2333471310186eff707450c76968

  • SHA256

    44f2f916a8de0933d49300d35a8903532f06104867ada85de32b18843a15b478

  • SHA512

    eaeec7b9934513b9e360ca7186502dd8900fce7c052f27fd562b865610af6e16fbcd5a67a6d0c193a8d8033bfc8005d18a58e2b657961b4175448953cfab4c3a

  • SSDEEP

    1536:9Q8hoOAesfYvcyjfS3H9yl8Q1pmdBcxedLxNDIgUe:ymb3NkkiQ3mdBjFIgUe

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
