General

  • Target

    9a614fbf88a36a9ad358bcbbc0f70c20_NeikiAnalytics.exe

  • Size

    282KB

  • Sample

    240523-2h95esbf8y

  • MD5

    9a614fbf88a36a9ad358bcbbc0f70c20

  • SHA1

    5b89ad75ea06c1212c9c8a5b671dae7172db4509

  • SHA256

    c0cf208f3ac94ed5ce60354b987501b5965d4ac3bd96bd99e913710b02e377b4

  • SHA512

    680937e7af90bfa922537064687f2481c30cbd198ebf4d73dddc03ac9960147703c739b22ef99fb4f10d800c6e61a150157b077a4266de6945d1dcbbf3b4bb72

  • SSDEEP

    3072:8hOm2sI93UufdC67cimD5t251UrRE9TTF5n:8cm7ImGddXmNt251UriZF5n

Targets

    • Target

      9a614fbf88a36a9ad358bcbbc0f70c20_NeikiAnalytics.exe

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
