blackmoon | 5736438a3bef53bde9a5bd6d7a7891164c2f89e5e516f979cacfb8c296bc9ea2 | Triage

Submit
Reports

Overview

overview

Static

static

7

f1885cb201...cs.exe

windows7-x64

f1885cb201...cs.exe

windows10-2004-x64

Sharing

General

Target

f1885cb2016cd8ba7abbb68967dd1ad0_NeikiAnalytics.exe
Size

381KB
Sample

240519-twhy4afd3v
MD5

f1885cb2016cd8ba7abbb68967dd1ad0
SHA1

ce6d86cdb442c318b22fb4ca4d2df681b63e95b6
SHA256

5736438a3bef53bde9a5bd6d7a7891164c2f89e5e516f979cacfb8c296bc9ea2
SHA512

b8c2e3fb824ee045c873221053fe0999349543c23a91211538e2911968bbecc2d1c415cdc7ab4ed663a8e030772ed516055a644b04adfa9665172ad9f5101cdb
SSDEEP

6144:kcm4FmowdHoSphraHcpOaKHpSwp9OD0IbswYT/:y4wFHoS3eFaKHpNKbbswe/

Score

10^/10

blackmoon banker trojan upx

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

f1885cb2016cd8ba7abbb68967dd1ad0_NeikiAnalytics.exe

Resource

win7-20240221-en

blackmoon banker trojan upx

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

f1885cb2016cd8ba7abbb68967dd1ad0_NeikiAnalytics.exe

Resource

win10v2004-20240426-en

blackmoon banker trojan upx

windows10-2004-x64

5 signatures

150 seconds

Malware Config

Targets

- Target
  
  f1885cb2016cd8ba7abbb68967dd1ad0_NeikiAnalytics.exe
- Size
  
  381KB
- MD5
  
  f1885cb2016cd8ba7abbb68967dd1ad0
- SHA1
  
  ce6d86cdb442c318b22fb4ca4d2df681b63e95b6
- SHA256
  
  5736438a3bef53bde9a5bd6d7a7891164c2f89e5e516f979cacfb8c296bc9ea2
- SHA512
  
  b8c2e3fb824ee045c873221053fe0999349543c23a91211538e2911968bbecc2d1c415cdc7ab4ed663a8e030772ed516055a644b04adfa9665172ad9f5101cdb
- SSDEEP
  
  6144:kcm4FmowdHoSphraHcpOaKHpSwp9OD0IbswYT/:y4wFHoS3eFaKHpNKbbswe/
Score

10^/10

blackmoon banker trojan upx
- Blackmoon, KrBanker
  Blackmoon also known as KrBanker is banking trojan first discovered in early 2014.
  trojan banker blackmoon
- Detect Blackmoon payload
- Process spawned unexpected child process
  This typically indicates the parent process was compromised via an exploit or macro.
- Executes dropped EXE
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

blackmoonbankertrojanupx

behavioral2

blackmoonbankertrojanupx

© 2018-2024

Terms | Privacy