General

  • Target

    81b3247af3b70f3835eda58f72ff6a10_NeikiAnalytics.exe

  • Size

    141KB

  • Sample

    240519-f4n87acd2z

  • MD5

    81b3247af3b70f3835eda58f72ff6a10

  • SHA1

    cca2db5274dcaa618a2dcac1b899cf77526a9a1e

  • SHA256

    3c9d57bdd1e8cfd1a6b299ffa0a106a1050354231e59e90bf511dcf9675e51b2

  • SHA512

    3f3e044069b476c609641a7ec528a027567e653835a8bd1d48837e87888604dda18318c3599d74a3e3c0c5b0cebc79d6c8662ad32f0ba6c4e8d7604d1953aa47

  • SSDEEP

    3072:ymb3NkkiQ3mdBjFIi/0RU6QeYQsm71vPmm8mzuFli55p150E:n3C9BRIG0asYFm71mm8fliiE

Targets

    • Target

      81b3247af3b70f3835eda58f72ff6a10_NeikiAnalytics.exe

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
