Overview

overview

10

Static

static

3

49e4470f16...cs.exe

windows7-x64

10

49e4470f16...cs.exe

windows10-2004-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    49e4470f16bd8d7670427d8961f936e0_NeikiAnalytics.exe

  • Size

    232KB

  • Sample

    240529-hyztvafd27

  • MD5

    49e4470f16bd8d7670427d8961f936e0

  • SHA1

    32582bff29fa200c453db470ccaa6e6ecbc6480b

  • SHA256

    fc5cb386f1a05cf0f6736bd9b9e2d13541d9a67efa49515364e5b20dd0ffab11

  • SHA512

    60d07c5afdfeea0563d963f37ba536761f438418793509d9c3a85e4f79a1a2506df32f12f316f2c4c6a6a6dc1e647be47210e07473d6f86ed9c12943352abe06

  • SSDEEP

    3072:ymb3NkkiQ3mdBjFo7LAIRUohTF/SjSrbzLAuBjfwFOmoFzMvUpGqC5n+Ngj:n3C9BRo/AIuuFSjA8uBjwI7FjpjC5+Kj

Score
10/10
blackmoonbankertrojanupx

Malware Config

Targets

    • Target

      49e4470f16bd8d7670427d8961f936e0_NeikiAnalytics.exe

    • Size

      232KB

    • MD5

      49e4470f16bd8d7670427d8961f936e0

    • SHA1

      32582bff29fa200c453db470ccaa6e6ecbc6480b

    • SHA256

      fc5cb386f1a05cf0f6736bd9b9e2d13541d9a67efa49515364e5b20dd0ffab11

    • SHA512

      60d07c5afdfeea0563d963f37ba536761f438418793509d9c3a85e4f79a1a2506df32f12f316f2c4c6a6a6dc1e647be47210e07473d6f86ed9c12943352abe06

    • SSDEEP

      3072:ymb3NkkiQ3mdBjFo7LAIRUohTF/SjSrbzLAuBjfwFOmoFzMvUpGqC5n+Ngj:n3C9BRo/AIuuFSjA8uBjwI7FjpjC5+Kj

    Score
    10/10
    blackmoonbankertrojanupx

    • Blackmoon, KrBanker

      Blackmoon also known as KrBanker is banking trojan first discovered in early 2014.

      trojanbankerblackmoon

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks