General

  • Target

    cfffd72282e81427b3dadeeae6d40d00_NeikiAnalytics.exe

  • Size

    367KB

  • Sample

    240519-q821ysbb3x

  • MD5

    cfffd72282e81427b3dadeeae6d40d00

  • SHA1

    60bd1b8d73d33aa2f2d9709fddf218f5f591679a

  • SHA256

    cf59ce803f6b75cad86471212b43674602104247dc221ef8271bd0404d75fb46

  • SHA512

    50eb84abce6e4c1c517720451431910962747c56bce548120c3b5eb878f44d0504e0532a5094d27d7eec7f1209738fe35ab8e5ad130b91ea5e10be8d02c53c46

  • SSDEEP

    6144:9cm4FmowdHoSdSyEAxyx/ZrTTr4qIMgE8P:/4wFHoSQuxy3rTXIM18P

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
