General

  • Target

    NEAS.cf504052d1e3389d486926a6980c1c60.exe

  • Size

    133KB

  • Sample

    231101-rnm7qsga6y

  • MD5

    cf504052d1e3389d486926a6980c1c60

  • SHA1

    b55af8e29681448418671629ae3986c3d65c86f7

  • SHA256

    f5989548553ba1ce86b28c2687c726570918183198f7ca63733fac5b35cad64a

  • SHA512

    ee70aa254c893ade9d1711872ee9bb26dab1615cbd2bc4a7800bedfc0e6ed024a19a3b5e0362bef126b0bb56f55768ceaf1944663f6ae3c56bfaba875409b593

  • SSDEEP

    3072:9hOmTsF93UYfwC6GIoutz5yLpcgDE4J/CyCB2y:9cm4FmowdHoS4/8Qy

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
