General

  • Target

    889979f8e2913b3a49a3881ef9fb8330_NeikiAnalytics.exe

  • Size

    87KB

  • Sample

    240519-glq6hadd58

  • MD5

    889979f8e2913b3a49a3881ef9fb8330

  • SHA1

    bf7c49025291720c612b2f284e32ae93a617c832

  • SHA256

    cb5eeb9fcb2a564867433bb7db921d9a1608095ae61f6e2dd299c8c78f4d6458

  • SHA512

    eab71ca6111e7df5117b20cd172c02c19961a555b8bf1d8ce45689052a4ef17568a5b8ea72c117e691ec8dfc49ff233f65daf9eb0c98d8ee1740db87b04fdbfa

  • SSDEEP

    1536:9Q8hoOAesfYvcyjfS3H9yl8Q1pmdBcxedLxND+3T4+C2wV3jaCJ5jH3eT:ymb3NkkiQ3mdBjF+3TU2K3bJZXS

Targets

    • Target

      889979f8e2913b3a49a3881ef9fb8330_NeikiAnalytics.exe

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with the UPX or a modified UPX open-source packer.
