General

  • Target

    42205745c5b2d9365833402f8ade9d50_NeikiAnalytics.exe

  • Size

    367KB

  • Sample

    240519-br2arsba3t

  • MD5

    42205745c5b2d9365833402f8ade9d50

  • SHA1

    6059359841a901c61cade4ab4a579b277b77ab80

  • SHA256

    fff8103b783afc63a726b9148664ba80411717d1b34f432464767cf284e54d6e

  • SHA512

    2d15a0b5cfddfbb4b2205a74f421ab04bf237c292d80d165e567cd5122a55fc7aa0ef37fb561f488b421858529eef918f6b785e2f64121f5deeecf49e4673bc1

  • SSDEEP

    6144:9cm4FmowdHoSdSyEAxyx/ZrTTr4qIMgE8j:/4wFHoSQuxy3rTXIM18j

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
