General

  • Target

    b378a13d22be8750c033fb01e84f50c0_NeikiAnalytics.exe

  • Size

    385KB

  • Sample

    240517-f33eesbc2x

  • MD5

    b378a13d22be8750c033fb01e84f50c0

  • SHA1

    2ebe767ee584ddd7ceab99920526ebf445084342

  • SHA256

    5cdf7c4d6f89c719f9fbc65de79fd75d67cb741db6feefb9531d6aee884042af

  • SHA512

    4a969542af19c538c36b3f4c71b4bb9ab208bc6b36b4fb67fac23b390af7d6b6301c9f8975a17b6410ab93715908485523d867cc786844321da46f76b56c1266

  • SSDEEP

    12288:n3C9uMPh2kkkkK4kXkkkkkkkkl8888888888888888882:ShPh2kkkkK4kXkkkkkkkkU

Malware Config

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Matrix

Tasks