General

  • Target

    44a1686839894db491b264c123eb6970_NeikiAnalytics.exe

  • Size

    127KB

  • Sample

    240522-1p5ylsac54

  • MD5

    44a1686839894db491b264c123eb6970

  • SHA1

    91ab42865da9debf325a5703ff317bf2f2af9bbc

  • SHA256

    5bb166da0365001f7acf7043ac29eab66cf5d9068b973de3819882b98aef3c36

  • SHA512

    472fb2cbe6f689c2aef9c1a317e53605ec6b2f716b029671f7eb3475b3fad68a98e7f7a33938160f912be95f20eedfe18ba6bdeac09ae26f757bbd4ee598b2e9

  • SSDEEP

    3072:ymb3NkkiQ3mdBjFWXkj7afodnmm9Ao98h3dktX4/JS:n3C9BRW0j/tmm9nwytI4

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with the UPX open-source packer or a modified version of it.
