General

  • Target

    603f335e2861ba28c89f52716a701860_NeikiAnalytics.exe

  • Size

    92KB

  • Sample

    240519-3p2bjahc72

  • MD5

    603f335e2861ba28c89f52716a701860

  • SHA1

    c030eafbfd7d4ab95d34e13179040177e839fa47

  • SHA256

    c05639d826765df8c4406c8f6969a9d8038dec6157a238934212b96486419263

  • SHA512

    4e02916811e5899cb23eccb3e3b57c4972d8c88eb724312b634d5c9717808a241b99cbb4dd0c1729cf9aaba44e940e942f079706e7ca1026e0266b8445f8172a

  • SSDEEP

    1536:9Q8hoOAesfYvcyjfS3H9yl8Q1pmdBcxedLxNDo73XH/YP1HFrJximAAxS1rj/21w:ymb3NkkiQ3mdBjFo73PYP1lri3K8Gy

Malware Config

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Matrix

Tasks