General

  • Target

    4e5572d04fdc8a387c8808ac49e5b550_NeikiAnalytics.exe

  • Size

    84KB

  • Sample

    240519-cfsd6ach69

  • MD5

    4e5572d04fdc8a387c8808ac49e5b550

  • SHA1

    7da259d92e350fd64b2766f38ccb868982535379

  • SHA256

    88b58cc8fbbae05951894e63220ac8cd5cffe1665306c757fea5aed122e0d6ef

  • SHA512

    31412abb4dea7f3c6bca8d0774becd880db4b5d9743ea5fb26621613a7234b8830a111524c2ebbb188eb7969ca5b8d47c166a796549c7c8932352908d9829745

  • SSDEEP

    1536:9Q8hoOAesfYvcyjfS3H9yl8Q1pmdBcxedLxNDIgt7WxZKmNDnX77lY8/X5Qgrcin:ymb3NkkiQ3mdBjFIgte0mNb77Bptfz

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
