Overview

overview

10

Static

static

3

c564187218...cs.exe

windows7-x64

10

c564187218...cs.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    c5641872181d9c34bcd399fda865d960_NeikiAnalytics.exe

  • Size

    90KB

  • Sample

    240519-qcfg3saa29

  • MD5

    c5641872181d9c34bcd399fda865d960

  • SHA1

    c1e61a1db2917c1c76d5a106ff0d710cec1be57a

  • SHA256

    406b3953b18139132827338bba6b40691461ccbf0ae7dcd8d372a5c158a5bebe

  • SHA512

    3e280bbbc4b56a0da3764374c4093bc0ee2fc7fd31f704390eb24a9c6632aa66df2428a6c140c755e35ef1520b68a6dd05509434430d80c591d31bf1a0e3074a

  • SSDEEP

    1536:9Q8hoOAesfYvcyjfS3H9yl8Q1pmdBcxedLxNDIQIDyviFxx2hCtgIMLP9rBZaRBn:ymb3NkkiQ3mdBjFIVLd2hWZGreRCYBr

Score
10/10
blackmoonbankertrojanupx

Malware Config

Targets

    • Target

      c5641872181d9c34bcd399fda865d960_NeikiAnalytics.exe

    • Size

      90KB

    • MD5

      c5641872181d9c34bcd399fda865d960

    • SHA1

      c1e61a1db2917c1c76d5a106ff0d710cec1be57a

    • SHA256

      406b3953b18139132827338bba6b40691461ccbf0ae7dcd8d372a5c158a5bebe

    • SHA512

      3e280bbbc4b56a0da3764374c4093bc0ee2fc7fd31f704390eb24a9c6632aa66df2428a6c140c755e35ef1520b68a6dd05509434430d80c591d31bf1a0e3074a

    • SSDEEP

      1536:9Q8hoOAesfYvcyjfS3H9yl8Q1pmdBcxedLxNDIQIDyviFxx2hCtgIMLP9rBZaRBn:ymb3NkkiQ3mdBjFIVLd2hWZGreRCYBr

    Score
    10/10
    blackmoonbankertrojanupx

    • Blackmoon, KrBanker

      Blackmoon also known as KrBanker is banking trojan first discovered in early 2014.

      trojanbankerblackmoon

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks