General

  • Target

    d7cfaa175b9665062d9390403948c3d0_NeikiAnalytics.exe

  • Size

    55KB

  • Sample

    240519-rwbtnsbh4t

  • MD5

    d7cfaa175b9665062d9390403948c3d0

  • SHA1

    dd705e7c50150361fec2a5f7a5d2164d8dc834c5

  • SHA256

    7f13963b7296a6f96dc5d95b2d5889319dabba0cbef9af1d830a2bbb1a7c9006

  • SHA512

    13a9956d024f1489d7895bca76e94706724cea866536bc5ce3dbafa65ab85486c3e5afb5b1f795a3c71393ae995116506c8e2304f8d82fa11e865e2df29ab07b

  • SSDEEP

    1536:9Q8hoOAesfYvcyjfS3H9yl8Q1pmdBcxedLxNDIfEB:ymb3NkkiQ3mdBjFIM

Targets

    • Target

      d7cfaa175b9665062d9390403948c3d0_NeikiAnalytics.exe

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
