General

  • Target

    c7068b5c9d79ca6a5b2d7932c17d0ee0_NeikiAnalytics.exe

  • Size

    277KB

  • Sample

    240519-qg8pesac7v

  • MD5

    c7068b5c9d79ca6a5b2d7932c17d0ee0

  • SHA1

    0afa72777617d67ccf183f751aa7384f63e8ecc9

  • SHA256

    5717e5abdd1b6d61262230f090867a73a22aa8a84e62f8d75b8df9f50d59bf0a

  • SHA512

    be5ca540b85e3086634930dcc66d5e23bc312579da3514fe890b136c683bf86f54ab0a5892e9e304616a56ae96e6085fa73a3119eb5d45ea2aadbac6cdb52219

  • SSDEEP

    6144:n3C9BRIG0asYFm71m8+GdkB9yMu7Vvemq:n3C9uYA71kSMu8

Malware Config

Targets

    • Target

      c7068b5c9d79ca6a5b2d7932c17d0ee0_NeikiAnalytics.exe

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
