General

  • Target

    a03f1a7f32de8ef69b44a9cf1e88e520_NeikiAnalytics.exe

  • Size

    966KB

  • Sample

    240519-h9ecaagd71

  • MD5

    a03f1a7f32de8ef69b44a9cf1e88e520

  • SHA1

    5dbfd7f0579f3bca37b5621409db1611b08a78a7

  • SHA256

    6e2845d5383217cbd16a9535f15f683d4456ed7211abbbc36be0b9a0ddf08635

  • SHA512

    45a65b13b85cccef6476b8c0d4e24d3186f586c07f6faa9823b8a0e66451a020bc457c2c82d0f91b07f7afc004df2bff3b13a0b29c91091c08c1308107bfc565

  • SSDEEP

    12288:n3C9yMo+S0L9xRnoq7H9xqYL04iVypNKvzcMwdBS3b3aoqYveXVadBlHD+CURPOc:SgD4bhoqLDqYLagB6Wj1+CysN

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Matrix

Tasks