Overview

overview

10

Static

static

10

6795637955...cs.exe

windows7-x64

10

6795637955...cs.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    6795637955c629753c61da643f3730d0_NeikiAnalytics.exe

  • Size

    4.1MB

  • Sample

    240524-se5k4aad22

  • MD5

    6795637955c629753c61da643f3730d0

  • SHA1

    3c49119abbb4bd2ab0130d2db6d7824371f1f3c1

  • SHA256

    c6ca361e4a9e5ef71fb4038e79d1cb9a216fe0e15e4ddffc785fdbdd28868b50

  • SHA512

    b62207966fa75fc7383ec713aad70a747aa89f02b9f7d436d87489f542c6ea3fb17d155dc0acef2940f312d31394e8892169324c25e670bcf96257e66e06a601

  • SSDEEP

    98304:Rbmig2VCnxwWFUYTY25p/Fmj6dcKgosI10K991TOvFKlz1us3iYzW:RbBQnywfjFme+rodyQAKlwy

Score
10/10
blackmoonbankertrojan

Malware Config

Targets

    • Target

      6795637955c629753c61da643f3730d0_NeikiAnalytics.exe

    • Size

      4.1MB

    • MD5

      6795637955c629753c61da643f3730d0

    • SHA1

      3c49119abbb4bd2ab0130d2db6d7824371f1f3c1

    • SHA256

      c6ca361e4a9e5ef71fb4038e79d1cb9a216fe0e15e4ddffc785fdbdd28868b50

    • SHA512

      b62207966fa75fc7383ec713aad70a747aa89f02b9f7d436d87489f542c6ea3fb17d155dc0acef2940f312d31394e8892169324c25e670bcf96257e66e06a601

    • SSDEEP

      98304:Rbmig2VCnxwWFUYTY25p/Fmj6dcKgosI10K991TOvFKlz1us3iYzW:RbBQnywfjFme+rodyQAKlwy

    Score
    10/10
    blackmoonbankertrojan

    • Blackmoon, KrBanker

      Blackmoon also known as KrBanker is banking trojan first discovered in early 2014.

      trojanbankerblackmoon

    • Detect Blackmoon payload

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks