General

  • Target

    NEAS.893377a9e7c6faa044168a099dfdcca0.exe

  • Size

    374KB

  • Sample

    231111-fkkrnaca67

  • MD5

    893377a9e7c6faa044168a099dfdcca0

  • SHA1

    2439338d69ff230a988e3406b5f217a3caa5335a

  • SHA256

    0357dc644a001f39fccf23264b5cc511af64ae3552632f34e708bedaa84a001c

  • SHA512

    87781fb5dfd8c79dc8d59544d32cef4d8703ab7d5203daabc9ad65f107c5a194c8d0b7807020a7010dee104477117fbab9c11e3f300980d9316be86989e38a4f

  • SSDEEP

    6144:kcm4FmowdHoSphraHcpOaKHpSwp9OD0IbsXd:y4wFHoS3eFaKHpNKbbst

Targets

    • Target

      NEAS.893377a9e7c6faa044168a099dfdcca0.exe

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
