General

  • Target

    5b92f2427a5f93964fe212e9de9e57c0_NeikiAnalytics.exe

  • Size

    380KB

  • Sample

    240530-aah77aeh3w

  • MD5

    5b92f2427a5f93964fe212e9de9e57c0

  • SHA1

    fb2db1205ec31fa018bca8bf442fb0079d243d30

  • SHA256

    0d9407c8ca4f9e784de928b19a0e5db1ca585c4eba052cc4731ddb42dc88a446

  • SHA512

    4e156955cd9b959aea88c505626f915521e817b2debbea7ba0b061bc542796be084e8d3722bc98dff3979208788b9e89183d063971648f8f08ec8aff1fb1226c

  • SSDEEP

    6144:Ocm4FmowdHoSsm4FIc1/cm4FmowdHoSsiNlcJcmHYC9/jvvfwL+TLPfSRcm4FVoM:w4wFHoSl4h4wFHoS24yTgL+zfu4/FHoE

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX or a modified version of the open-source UPX packer.
