General

  • Target

    a1cf07b3f4b9c9d86b4c82aafb0b4b60_NeikiAnalytics.exe

  • Size

    184KB

  • Sample

    240524-rh8lgsgg3v

  • MD5

    a1cf07b3f4b9c9d86b4c82aafb0b4b60

  • SHA1

    5c809017dee5db61c9e0aa306a4b32f159c9d2d9

  • SHA256

    7a5a30ae37b80adb9babf9d5fab6267aa4196dfd1bac8c2fd1f4459f98736494

  • SHA512

    92fb37ab3d0b235faeeeda423ee7db002611fcb26b355b7764664e6eb38b4f2af14e404397777b35d50f0fd8772a954e73c56a34f1847339a955ab79570cdd2c

  • SSDEEP

    1536:PvQBeOGtrYSSsrc93UBIfdC67m6AJiqgT4+EMdbVZo:PhOm2sI93UufdC67ciJTWMdbA

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
