General

  • Target

    a5a194b3646b2a9554f6c77a0d11c470_NeikiAnalytics.exe

  • Size

    720KB

  • Sample

    240524-exynlsda3w

  • MD5

    a5a194b3646b2a9554f6c77a0d11c470

  • SHA1

    8c0ab1b62e8ddbde1e7a9a29073928b7dc76adab

  • SHA256

    6341ae78463bb26d5efe5d04048f7a6f002b01acd33f2b1551e628045d34ac52

  • SHA512

    076e41c2b55fe0ead2853067150e49a595f694ddaa380c09160b03653c855719b92cc1117a2d6c460ba613d8ffe2ee385993360b6f77159398f27a0e2c0c5692

  • SSDEEP

    12288:n3C9yMo+S0L9xRnoq7H9xqYL5oeEF5rna9sUxg7udOxPJVSjYg8lcmJ1MZxEkTsC:SgD4bhoqLDqYLS7w4u

Malware Config

Targets

    • Target

      a5a194b3646b2a9554f6c77a0d11c470_NeikiAnalytics.exe

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Matrix

Tasks