General

  • Target

    e06f5fb3608b556a8ed87db2b2b5fb70_NeikiAnalytics.exe

  • Size

    367KB

  • Sample

    240519-sng66acf22

  • MD5

    e06f5fb3608b556a8ed87db2b2b5fb70

  • SHA1

    3759ec5256e31119f7b5589d6fe6e14487081d90

  • SHA256

    f2d92873d214d0661b7e7f781b08ef023727f8b599088193436f6b9b4079f27b

  • SHA512

    e2e70b0cf989c19edc97277e7d3702eb8be0a70e87cd25fbd600c049e18a86baa8b69f35fc32ffde98dc7628b8ce35bac534bcb0571ea132fb5a280e6d3ca042

  • SSDEEP

    3072:ymb3NkkiQ3mdBjFo73tvn+Yp9FrHSwh/c/hdTWGIaxJ8TN005pWmjVwdSsyJ:n3C9BRo7tvnJ9Fywhk/T7xyTpShZG

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
