General

  • Target

    207d8ca67164cef29cfa5c69097d4d80_NeikiAnalytics.exe

  • Size

    335KB

  • Sample

    240518-29t8aadd2z

  • MD5

    207d8ca67164cef29cfa5c69097d4d80

  • SHA1

    6b2ca4a131ce1d8728a06f2d4065c87e8e06b226

  • SHA256

    03aa75289f7ac11f50304de19ed58cfa67ee7afcc1253e1f2371beb17396d6b0

  • SHA512

    13db6af9349d8e8b4e63a79c79235be9d158db45edb0d64002629547c0734c2c3a40d4491d5709221e2344b571f8814d6e0b227941c1bce87ada8c4ea536cc1c

  • SSDEEP

    3072:ymb3NkkiQ3mdBjFo73tvn+Yp99zm+/KZBHqnuOeHzmB600TUA6Z7zupc+BT:n3C9BRo7tvnJ99T/KZEuOod00TG+BT

Targets

    • Target

      207d8ca67164cef29cfa5c69097d4d80_NeikiAnalytics.exe

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
