General

  • Target

    df7d0a3543fad52fac278e52c73dad40_NeikiAnalytics.exe

  • Size

    64KB

  • Sample

    240518-sl63hahf27

  • MD5

    df7d0a3543fad52fac278e52c73dad40

  • SHA1

    007431b7cd47a4d411247509036e15780d976ada

  • SHA256

    6b85dbc26ded7f2657d99cf8b808d7b380b94a4e1ee0e82b421d4dcb332f701a

  • SHA512

    992d9ba61d4f7930d66a48d3d8afc307e98df4916de01e7d0b0d0782b8a98b7f9fe07b277795a1f1684a1ee61de6d329fe0d3221fd4670842a2bd2a150f8d562

  • SSDEEP

    1536:9Q8hoOAesfYvcyjfS3H9yl8Q1pmdBcxedLxNDIhJm/wg:ymb3NkkiQ3mdBjFILmT

Targets

    • Target

      df7d0a3543fad52fac278e52c73dad40_NeikiAnalytics.exe

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
