General

  • Target

    NEAS.fff84ea43049f45d0a4a549e580d5b90.exe

  • Size

    137KB

  • Sample

    231101-rrk7jshh7y

  • MD5

    fff84ea43049f45d0a4a549e580d5b90

  • SHA1

    644c2cb32cacd3d4800697daa2522c4dc149b6f9

  • SHA256

    7e8d8edbfbef09fa44c786893fbd799b73e4b82ffec0f9052ec8ff20564518a7

  • SHA512

    8c30bf4a78407b8d8ed536a7677dddc18b5dfd8b47dd7ab83f31e2edcfec497e21b0a35289ba98f6fb4e2ee0d48f1e36e7b8271dcc139c5763d3e7742d81ab5a

  • SSDEEP

    3072:ymb3NkkiQ3mdBjFo73tvn+Yp9ggGQfhh8KRd:n3C9BRo7tvnJ9lND

Targets

    • Target

      NEAS.fff84ea43049f45d0a4a549e580d5b90.exe

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
