General

  • Target

    383057e1459a2a64e79891760b3f0b40_NeikiAnalytics.exe

  • Size

    128KB

  • Sample

    240519-a3wnzshb6v

  • MD5

    383057e1459a2a64e79891760b3f0b40

  • SHA1

    3a5f44276e631fa1302f9c50afad016da27c0d1d

  • SHA256

    5c4bc32e4f3e99fa6fcd72523770abfc1a6b6720fe63d8ef06579b368f4f2588

  • SHA512

    a8c776f5894d25d4366f84cb1b812288e5a9cdfdf72572955d35db15c904870f8092f1a6b9bd4c41a4729abdc751f73b93f350441eae0e6428a3135aaf56b1da

  • SSDEEP

    3072:ymb3NkkiQ3mdBjFWXkj7afoHvmQ+EZMYX/x6gt/:n3C9BRW0j/uVEZFJvN

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified version of it.