General

  • Target

    2f8b80fb1d62bb192a1e570b65b331b0_NeikiAnalytics.exe

  • Size

    225KB

  • Sample

    240519-ahn4eaga99

  • MD5

    2f8b80fb1d62bb192a1e570b65b331b0

  • SHA1

    82f262018f65b16b01fa771ecffef8f16d12ace5

  • SHA256

    22b4920ef2df3b3b8a0bbbc2ae27df1c1dace82c83447456282dae991368638d

  • SHA512

    c6f1026bc9ce750023bceaf83b12df64c5078fa7a5b7153b4d679c195c0b9535ba78d67c60b1ad78577013db806e13570bb55bc0291bf28400bbd523795d7bb0

  • SSDEEP

    3072:ymb3NkkiQ3mdBjFo73PYP1lri3KoSV31x4xLjBeGW:n3C9BRo7MlrWKo+lxKs

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
