General

  • Target

    ecba790ec9bff1ff265efeb725de3570_NeikiAnalytics.exe

  • Size

    252KB

  • Sample

    240519-tjfyzaef2z

  • MD5

    ecba790ec9bff1ff265efeb725de3570

  • SHA1

    0698f548beddb25c3ed830ae246ee3a10a7f9776

  • SHA256

    ec7b408299855846b0669ecab93e2fc2bf63cc7e2d65e8e5e514294f4b75d78e

  • SHA512

    e689e31f51084f857d138d6e105c6a094357e517d7e2225c7aeea560299821de1b2b9d1567c8c7f1d200097f764da66a3aef6ad2f1318eb3ad0c6a9a39643058

  • SSDEEP

    6144:Vcm4FmowdHoSt42H8qlYWddWX+a/NigLtx7r7:34wFHoSt4m8qlhddWX+ysUtx7X

Targets

    • Target

      ecba790ec9bff1ff265efeb725de3570_NeikiAnalytics.exe

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX or a modified version of the open-source UPX packer.
