General

  • Target

    39a6b832a4b24fea1365230b626e0190_NeikiAnalytics.exe

  • Size

    244KB

  • Sample

    240519-a7q93ahd7v

  • MD5

    39a6b832a4b24fea1365230b626e0190

  • SHA1

    3c08c7b2c837404cb8e3310a308602e3fb7fb356

  • SHA256

    bc2124504a1027ddcb289e81f8cd4c2e1732df2406b983801c948d9804cdb96d

  • SHA512

    1859afef84bcc50453ef5e3ba48feec3b680ddb0285db1ab86ac31dfa87b7c40eba697ed26888107724394db99faeb7bfb2081224774050f8ef1857bc5e758ed

  • SSDEEP

    6144:n3C9BRo/AIX27NHWpU00VIxas1oa3YiFRz:n3C9uD6AUDCa4NYmRz

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
