General

  • Target

    e1b8c1e240162dee6c143cd563b22210_NeikiAnalytics.exe

  • Size

    213KB

  • Sample

    240520-lwz9daeh6v

  • MD5

    e1b8c1e240162dee6c143cd563b22210

  • SHA1

    830a4ce28c031e3b5033f8f7c5cfaab7f7e671b3

  • SHA256

    fc75cec9080cf75174a4395e139e37f12bd391b9592f2e66d7d56a9d60e9ab13

  • SHA512

    bcac50eb65f7327c9bc6361d71e9d2e0df2b10b786b119f733f49d1fd402c5900813b3b2ebfb66785bfc86934a3f2103ecd2cb7281e187ba4ec90d61308f67be

  • SSDEEP

    3072:ymb3NkkiQ3mdBjFIi/0RU6QeYQsm71vPmc51+GqekBJCvr6zJBUmABvP:n3C9BRIG0asYFm71m8+GdkB9EBX

Malware Config

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Matrix

Tasks