General

  • Target

    a5f436ade0ef59fdb5d68f1b6151a5b0_NeikiAnalytics.exe

  • Size

    76KB

  • Sample

    240520-eg4vpaae73

  • MD5

    a5f436ade0ef59fdb5d68f1b6151a5b0

  • SHA1

    473d3e52ec3fa1c7e9376ddaa8fcd250f88f3fd6

  • SHA256

    be3a8c8b238b335cbf8fb183728f2847c49928072e85c34fcb9fcaeb4a2674c9

  • SHA512

    a1c88a3c99bb0ebcadf74681c56ed22f4b4f98c51db3a6a471ddeb8f57e073ee63edb253551253f2e9e295e2f4aadf25b5add85a4227b47b2ef1e286f9ca5fbe

  • SSDEEP

    1536:9Q8hoOAesfYvcyjfS3H9yl8Q1pmdBcxedLxNDIsIpWCz+FR4RzWqKM:ymb3NkkiQ3mdBjFIsIpZ+R4RzWqKM

Targets

    • Target

      a5f436ade0ef59fdb5d68f1b6151a5b0_NeikiAnalytics.exe

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
