General

  • Target

    128b2457e9b1a219b9c84d6841fa84c0_NeikiAnalytics.exe

  • Size

    479KB

  • Sample

    240603-3patksdd41

  • MD5

    128b2457e9b1a219b9c84d6841fa84c0

  • SHA1

    cfcdd2f6f32980fc9ff54cb5d753b32be73584a4

  • SHA256

    d25dd510a4755cd9e20452c3ab1a5f9262352a7c1c8b04bcce67ae163dc87765

  • SHA512

    493e514e85a890ddd61a9a1bf2220071ee66e1075680ad3ae8a1a00a8fa2491742be5d86eb7aa97bc26a59291dea152672dc2ba88b4f94f3d8cda0566762e1a1

  • SSDEEP

    6144:Pcm7ImGddXtWrXD486jJq1BStv4Ib1Hm7cs:d7Tc9Wj16A3StvxHs

Targets

    • Target

      128b2457e9b1a219b9c84d6841fa84c0_NeikiAnalytics.exe

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
