General

  • Target

    95f4fbb14f74416c5a6122307856ce20_NeikiAnalytics.exe

  • Size

    116KB

  • Sample

    240523-14aq1sah4t

  • MD5

    95f4fbb14f74416c5a6122307856ce20

  • SHA1

    4cdae1fc6618fe308947961d98a81bc83264d25b

  • SHA256

    c2357813bfcd21b85bbcba033e3169f5bfcfdde3619f4da1d11391a21ca40453

  • SHA512

    848966083dbd4dee6718f62fd71ffc76bf9efa7eb961b6e46948f871632992481f5ac3eb273031c3e41d42b76f46211bd6b50f9aeac56dac836452e90e500ba7

  • SSDEEP

    3072:ymb3NkkiQ3mdBjFosxXGPXbXQMFHLgDWSmjlkF8:n3C9BRosxW8MFHLMWvlX

Malware Config

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
