General

  • Target

    NEAS.37e8a71d6b612141a00c7563dcc396e0.exe

  • Size

    139KB

  • Sample

    231117-cw5z7ade87

  • MD5

    37e8a71d6b612141a00c7563dcc396e0

  • SHA1

    c5f97528738c2ad6f8ac079281eaab0a154a6a85

  • SHA256

    af7dedbfdb63db6bb56f54bda7da33b7211bfb4c2020df3849b3cb91e47037f0

  • SHA512

    52b356e797c20a70a27f9bb81d240d19a84ef564a4772fee35834c260408b63376567f95490ddb0b9af34afa69daf407d3205292eba34e67c3a7655942ace511

  • SSDEEP

    3072:ymb3NkkiQ3mdBjFo73tvn+Yp9gFbctg0IyAyhZvjDUOy/nmPmT9I:n3C9BRo7tvnJ9oH0IRgZvjDhy+PmxI

Targets

    • Target

      NEAS.37e8a71d6b612141a00c7563dcc396e0.exe

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with the UPX or a modified UPX open-source packer.