General

  • Target

    e3854cbd0a2942f0d645d782e20a8bf0_NeikiAnalytics.exe

  • Size

    361KB

  • Sample

    240519-sv1l3sch55

  • MD5

    e3854cbd0a2942f0d645d782e20a8bf0

  • SHA1

    4e62f4d0f3cd8a9f233f7df263b41e1b4a58c483

  • SHA256

    f502b9a78e0c45d890e2e5f58147636905be79720f2716e339453a767c835de4

  • SHA512

    c380210a37daf41db08141547a748f35cc7980a76a649525bd12a92a8ddf5d54e4d01ee061be8a550934183514fa7931408e83aed545eeeb57074c65360a3348

  • SSDEEP

    6144:n3C9BRo7tvnJ9oH0IRgZvjD8296gnzeZhBuW:n3C9ytvngQj429nnzeZhBF

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
