General

  • Target

    e1fa155c3352e29647152e034457b3c0_NeikiAnalytics.exe

  • Size

    361KB

  • Sample

    240519-srqygach3y

  • MD5

    e1fa155c3352e29647152e034457b3c0

  • SHA1

    7639db5185c441eb05f8ff95000a78cbf9bf3f40

  • SHA256

    b267cdb74b959a89b3372e13240a0f725b857b09f96bd9976c08b9bee6b4921f

  • SHA512

    86e36bd5e0891253db484fb9c52af50f6a64c0c17362649ef13a8cb18e9f64c78453829b01c438a87f62fe809a48266940337b2767d7e7aef681698a5e90657f

  • SSDEEP

    6144:n3C9BRo7tvnJ9oH0IRgZvjD8296gnzeZhBuU:n3C9ytvngQj429nnzeZhBJ

Targets

    • Target

      e1fa155c3352e29647152e034457b3c0_NeikiAnalytics.exe

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
