General

  • Target

    49a66a565c226c24f2622c2d07799d20_NeikiAnalytics.exe

  • Size

    433KB

  • Sample

    240519-177j6adc8x

  • MD5

    49a66a565c226c24f2622c2d07799d20

  • SHA1

    47afe84effea38478c328b902300c6cafe160f35

  • SHA256

    64957ae89377103e92c5cb4a58cb1f3964a7434ca70d0f0aecd6606174f4d15f

  • SHA512

    bc41a93124f02fb08e2b37cb59a4919e0c5d3c9254bcecdf4a4e35acf57f57db05d51bfa2d20893f91c006f3a4ffec998cc5a4dcd49db28de311cb5976c97878

  • SSDEEP

    12288:n3C9uMPh2kkkkK4kXkkkkkkkkl888888888888888888n3:ShPh2kkkkK4kXkkkkkkkkx

Malware Config

Targets

    • Target

      49a66a565c226c24f2622c2d07799d20_NeikiAnalytics.exe

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
