General

  • Target

    NEAS.a479d123582c1c14853e256c00eb1030.exe

  • Size

    966KB

  • Sample

    231103-qf7qqsah5z

  • MD5

    a479d123582c1c14853e256c00eb1030

  • SHA1

    2ab3f7f74e250b01c8739735c27e7f3448f9b4e3

  • SHA256

    4fe467c5c8bd0ef37b1fca833304878e02b15bf6cb1a2706f8ea1df1d85cf1ba

  • SHA512

    2e6c38dfa629a77131a6c1028aabc6841d9d67e0deddc537851081a332842f892b4c9a0167eb27807638b6db93ecca5893c462741ffd8d967dc5a1578f554b3f

  • SSDEEP

    12288:n3C9ytvngQjy3C9I3YEWpYe+GalTLfOX+I3C9S3C9ytvngQj65syLr9fuWO:SgdnJVwLgdnJq9fu7

Targets

    • Target

      NEAS.a479d123582c1c14853e256c00eb1030.exe

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
