General

  • Target

    67147d1cddae46208c011d4b813af0d0_NeikiAnalytics.exe

  • Size

    71KB

  • Sample

    240523-bawnysfe6y

  • MD5

    67147d1cddae46208c011d4b813af0d0

  • SHA1

    5b9f67ca04b6ab3703dc617dc74bd44ae7df68f9

  • SHA256

    97be2d4c283ed0238d71f748c7c7be9c729bf71f4177a5da8fee3c07a0be52e5

  • SHA512

    53b03c35fe0a1cb682032feca6fb6898adeb9122fbd9252a825fdd31c7021f676c22b6b99b928b1fcca6836ce9da4c82c485b54fc776fc40ad02d5ced9c8056b

  • SSDEEP

    1536:NvQBeOGtrYS3srx93UBWfwC6Ggnouy8KlAXmAXIBG/+WIFuTKLXvCB5yAXNlIQkY:NhOmTsF93UYfwC6GIoutOP/WWGKL/SYi

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified version of it.
