General

  • Target

    bf4b9e71f1e251ae5e86ccc4a5021fe0_NeikiAnalytics.exe

  • Size

    453KB

  • Sample

    240601-ln6q7aha3x

  • MD5

    bf4b9e71f1e251ae5e86ccc4a5021fe0

  • SHA1

    3bb841693f6a263b7616f08655874fb3827b9fbd

  • SHA256

    d05985d3bb9dde5163eca2e037d8a398d96b280177f5ac9b375a7c4ae483e76f

  • SHA512

    21f8fb8f4b031f9ba5773a86b4efa80a9e65a625da67b8f38d8852ba9f9cd1d417fdac7c83cd56d173d3f81c83b7d0c36213628978600606c8a9311f37fdbd69

  • SSDEEP

    6144:rcm4FmowdHoSphraHcpOaKHpXfRo0V8JcgE+ezpg1xrloBNTNmC:x4wFHoS3eFaKHpv/VycgE81lgF

Targets

    • Target

      bf4b9e71f1e251ae5e86ccc4a5021fe0_NeikiAnalytics.exe

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
