General

  • Target

    0ff48901e33b5dfa2bd63370d90309c0_NeikiAnalytics.exe

  • Size

    81KB

  • Sample

    240519-wqlh5saf68

  • MD5

    0ff48901e33b5dfa2bd63370d90309c0

  • SHA1

    c6674393162e8827070d5556160f63d636a19531

  • SHA256

    346ee574c788467e61c7f7603080d82fdc1f94e688761edfdcc0a6d2515521f7

  • SHA512

    23c73b3f1e147607edbb10dd789051c3067a9daadc5cf41325411817e399a5452dcbadb4eb2469e93cdc9c569c7ff66e8cfd8974b2964f627577d061270f0b4f

  • SSDEEP

    1536:9Q8hoOAesfYvcyjfS3H9yl8Q1pmdBcxedLxNDo73t6MwIYSPExIa8:ymb3NkkiQ3mdBjFo73t+SMp8

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
