General

  • Target

    2f5106757fceeeffed9e77948ceaf690_NeikiAnalytics.exe

  • Size

    379KB

  • Sample

    240517-zh4ljaab5z

  • MD5

    2f5106757fceeeffed9e77948ceaf690

  • SHA1

    0d22efb484ad97a00508cd925cc27543b01ffe84

  • SHA256

    2bf7c6f6b7f17a8755db06f4d3a759dc33fd13852691f15e645fdff5c5a0514a

  • SHA512

    e9839711a0b02fe98b11b47412061ed6bb9c1eb21638b697b52e5e9acc5215ad827d820258c296482d5cb060ee3da27f38d8a0bfd5aac822cd8c0410b4203f7f

  • SSDEEP

    6144:Ocm4FmowdHoSsm4FIc1/cm4FmowdHoSsiNlcJcmHYC9/jvvfwL+TLPfSRcm4FVoA:w4wFHoSl4h4wFHoS24yTgL+zfu4/FHoo

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
