General

  • Target

    095bc37a9905ca2e65f35192bcfb3f00_NeikiAnalytics.exe

  • Size

    115KB

  • Sample

    240521-zdvstshf7v

  • MD5

    095bc37a9905ca2e65f35192bcfb3f00

  • SHA1

    1b490c4d7b65e85535c3ae0dae68fd3f1ecd0bbb

  • SHA256

    716eda587d4f9d903ee6607c4064d64e618b9a40f170bd889c529b5cf0b3e611

  • SHA512

    e8e1e08d10602336ef165ae21a7b4f71cca3ed2933dfd491a7ce32523da326748c8dd63d53773ceb0afca9372b85a1e297e0ee16cee59c2a0f9c7eda0d4c78b8

  • SSDEEP

    3072:ymb3NkkiQ3mdBjFosxXGPXbXQMFHLgDWSmjlkFb:n3C9BRosxW8MFHLMWvlI

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
