General

  • Target

    3553cd3bade39be409c92cd52bab4790_NeikiAnalytics.exe

  • Size

    180KB

  • Sample

    240522-zcwczaff2s

  • MD5

    3553cd3bade39be409c92cd52bab4790

  • SHA1

    4475f20a8318a35322b07eba09d2098e2ca90097

  • SHA256

    a13cd3087700b87ee781123c09d4e666b462b12412b0433bd210498f97e7a8b5

  • SHA512

    67fdadb7bfd27c2dae7a3867fb3523b689adcb90fa47cded7e70ba3125ba2829e62a6b318cd6c634d26ac76beb115b9f056c1a9a4c0d1dc82c4fd89d1a5bea10

  • SSDEEP

    1536:PvQBeOGtrYSSsrc93UBIfdC67m6AJiqgT4+IJPhbMY:PhOm2sI93UufdC67ciJTm5hIY

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
