General

  • Target

    17a879b03076531eb5b4d727e97f41e0_NeikiAnalytics.exe

  • Size

    107KB

  • Sample

    240522-eegmdabc91

  • MD5

    17a879b03076531eb5b4d727e97f41e0

  • SHA1

    87a934717665f3e4ed6712bbd6eec7050cb4928c

  • SHA256

    5b238a3ba55d8c5d40ccea94a09cee393d3700cf1f46799bc921c72cdd234f92

  • SHA512

    09e5a5ee40a1693e274c9e9b9787843ea14ed37ac3e6328c4b882dd8c731f3d08ad698e990c5eee701f55a4c26ff388d092b362fc0d20379a64c34d3080d7f07

  • SSDEEP

    3072:khOmTsF93UYfwC6GIoutpYcvrqrE66krop7Bcgw:kcm4FmowdHoSphraHcp7yV

Targets

    • Target

      17a879b03076531eb5b4d727e97f41e0_NeikiAnalytics.exe

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified version of it.
