General

  • Target

    79dd32007765b8f504f8f78aeb1ac320_NeikiAnalytics.exe

  • Size

    258KB

  • Sample

    240519-fk6n5abe53

  • MD5

    79dd32007765b8f504f8f78aeb1ac320

  • SHA1

    644f6deac11a16d9a3da61c799169c120bf34028

  • SHA256

    d7d7cbb11de9be968eedd958b67a01472925db569f3cc9a95d1e3eb4aca63cc7

  • SHA512

    ae7a81a0da108d4c6c86e8056d0cb78527b069ce0cfddc240d4f00a54eb37e4426de25575d5cef248fbecc40079dd87660784bbcc0fcd9c9c66d1f1d350bb3a4

  • SSDEEP

    3072:ymb3NkkiQ3mdBjFo73tvn+Yp9FrHSwh/c/hdTWG4lmb37K3BoKLbCZ0u:n3C9BRo7tvnJ9Fywhk/T4i37K3BoKg0u

Targets

    • Target

      79dd32007765b8f504f8f78aeb1ac320_NeikiAnalytics.exe

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with the UPX open-source packer or a modified version of it.
