General

  • Target

    e2813191dce7580408321f71385f7f90_NeikiAnalytics.exe

  • Size

    198KB

  • Sample

    240518-sxatfaac73

  • MD5

    e2813191dce7580408321f71385f7f90

  • SHA1

    31ab34f00b5218ce5bf804bf68b8d170d950e05f

  • SHA256

    6ce1e8b225c04864b86c255baf23b28508eefc5a6597e7edab633e5da3dd0d53

  • SHA512

    27debf155cc4a385fc09c4d7a61c4e9d79e14df55e6ab142ac928b1aefa87acea0756d1d352ba4befe332045a0ef6a235bea80a13b60241ac488f6bcb1377149

  • SSDEEP

    3072:xhOmTsF93UYfwC6GIout3WVi/8HCpi8rY9AABa1YRMxl1522cJ1uIf:xcm4FmowdHoS3WV28HCddWhRO1Lc9f

Targets

    • Target

      e2813191dce7580408321f71385f7f90_NeikiAnalytics.exe

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified version of it.
