General

  • Target

    NEAS.41f968170b43ce01173b8050e4942da0_JC.exe

  • Size

    143KB

  • Sample

    231103-a5gmvahe9y

  • MD5

    41f968170b43ce01173b8050e4942da0

  • SHA1

    b8b6024495df2a741db91b5c6052f61b42c3fcec

  • SHA256

    e99236d3c29bb0dd2473390c352a344258f4d8781d7811c4af973677921c2445

  • SHA512

    da8ce2f3e234c6fe2937edb5c3346cd0100e78a764aea131fd11a5af18c5315125daabb7c133ec63661da33ad0f0ffc8877fe1aef429e3ef1ff896851dcccc53

  • SSDEEP

    3072:ymb3NkkiQ3mdBjFo73HUoMsAbrwlCtB29Vn:n3C9BRo7HCsAbQCr2H

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
