General

  • Target

    ff88982d0f9494ca5f821811c8d342e0_NeikiAnalytics.exe

  • Size

    94KB

  • Sample

    240519-vwrfxahe3y

  • MD5

    ff88982d0f9494ca5f821811c8d342e0

  • SHA1

    8d30de1b04b92dd19ccdcb4697cd492b08cbfedd

  • SHA256

    2d2575e63a4bd45de05aeccea8c58b92079dee2c33c7ff59eb50e14a58780cb0

  • SHA512

    8e77573cd3b5d01bcb6307822175373980a487e8f803b700ecc40e0f010fab023c538c4e091e252182b1522deaace92ebcf36d0d04d7f9269f06e5f9b16ffa5d

  • SSDEEP

    1536:9Q8hoOAesfYvcyjfS3H9yl8Q1pmdBcxedLxNDo73XH/YP1HFrJximAAxEPOfPrAg:ymb3NkkiQ3mdBjFo73PYP1lri3KuOnrJ

Targets

    • Target

      ff88982d0f9494ca5f821811c8d342e0_NeikiAnalytics.exe

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with the UPX or a modified UPX open-source packer.