General

  • Target

    f31a438a9b5aebd5ddd6a2b6fe5f3ea0_NeikiAnalytics.exe

  • Size

    77KB

  • Sample

    240520-nfwx5ahb58

  • MD5

    f31a438a9b5aebd5ddd6a2b6fe5f3ea0

  • SHA1

    8b5ccbe5854b42fe1cb34c33fd83f6d013cf1036

  • SHA256

    5e26fdfedc4d9f7d84158f04a552c97fa19a32768fd90143145494d46def4379

  • SHA512

    c9c058f5b097aacc2624d0bfc52420e54e383fdd26cff2b95e718ef96fdacfa8b7b6a8618fb27a11511636df40b8f732c22d61e8c05f304b150ad49eaf80efd3

  • SSDEEP

    1536:9Q8hoOAesfYvcyjfS3H9yl8Q1pmdBcxedLxNDIgJb31HgxGc+gmvZQCAu:ymb3NkkiQ3mdBjFIUb31HgxL+gmvZjAu

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
