General

  • Target

    587ae600f8db324e0931c55f7c140c70_NeikiAnalytics.exe

  • Size

    133KB

  • Sample

    240519-28xl1sgc77

  • MD5

    587ae600f8db324e0931c55f7c140c70

  • SHA1

    6b109c07f55e629b79743e857f000c72701047aa

  • SHA256

    d20a47e6e3cf862a3d0dc3c50e2e67a72fe98e342d2b3a905e5b9f68d737d78a

  • SHA512

    074d0fba7107b33d593aa23e18896ed33be83c56bbaba2bdb01cc3a98d85530e6927a5213fe600a29b96b3ea52d03e0b52bfe260a68bf4e694f384554d74d060

  • SSDEEP

    3072:ymb3NkkiQ3mdBjFo73HUoMsAbrF3BTUwFQ:n3C9BRo7HCsAbhxYD

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
