General

  • Target

    f52588c0cb01474ff861e542cdbd6420_NeikiAnalytics.exe

  • Size

    415KB

  • Sample

    240519-t5y2nsfh8y

  • MD5

    f52588c0cb01474ff861e542cdbd6420

  • SHA1

    b34470ea39d4aafa98ea346b23240fe9ad83a002

  • SHA256

    4750e5f09f460c66f44b018c6452d5f89e4f1d7433ef4410496cd935707d9e57

  • SHA512

    b285bca58c69bcaf5e607635fd3e07fc6028e828ac291ad6266cce666bfe718f0cfcee3727625fd18e8d72d6493fc3bad3a897e9b271c4bc4f394d33bd2a7a1a

  • SSDEEP

    12288:n3C9ytvngQj4DtvnV9wLn9UTfC8eieJNBNIsYPE:SgdnJUdnV9k

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with the UPX or a modified UPX open-source packer.
