General

  • Target

    NEAS.28e30be6665e2c4989711a5d67fe0cd0.exe

  • Size

    118KB

  • Sample

    231115-f56jvseb3v

  • MD5

    28e30be6665e2c4989711a5d67fe0cd0

  • SHA1

    440a2bea37e3cba28c211c067d770675053d5806

  • SHA256

    2af3c0ad78e4263112f3ea7bfed5affb5cc57d98dd9148d9b1ae76e8bf67391f

  • SHA512

    0ecddbea11607c330162dc9c72f5ad703c0a833135e647123c9a4ed4cf7b1720dddbbf8d1af35d04374353d1e60bad232bf67d3f0985d12c0c6e6c1abe7e6eb5

  • SSDEEP

    3072:ymb3NkkiQ3mdBjFWXkj7afoHvmQ+EZMYX2CDo:n3C9BRW0j/uVEZF2CDo

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

Tasks