Overview

overview

10

Static

static

3

21e503679a...cs.exe

windows7-x64

10

21e503679a...cs.exe

windows10-2004-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    21e503679a62b666e270e1662410cb40_NeikiAnalytics.exe

  • Size

    72KB

  • Sample

    240603-yl46ssga21

  • MD5

    21e503679a62b666e270e1662410cb40

  • SHA1

    9a1fac33d75ab7ce255e8cb4de4bdabe3e092014

  • SHA256

    654baa2fe470c1f9f5c32d860220002af96c3e15f920ca4b101801119e1a8739

  • SHA512

    f1b6ac105a27af12f83bb3015e2961b8f3ddcfc44687c4e468faf63a9615c973160123b736d01b50be7c49f515abb1e375bb0355b515b39b0c6cfc13410ca6dc

  • SSDEEP

    1536:9Q8hoOAesfYvcyjfS3H9yl8Q1pmdBcxedLxNDIfv7+afCD+QsQbKQPVxX:ymb3NkkiQ3mdBjFIfvTfCD+HlQLX

Score
10/10
blackmoonbankertrojanupx

Malware Config

Targets

    • Target

      21e503679a62b666e270e1662410cb40_NeikiAnalytics.exe

    • Size

      72KB

    • MD5

      21e503679a62b666e270e1662410cb40

    • SHA1

      9a1fac33d75ab7ce255e8cb4de4bdabe3e092014

    • SHA256

      654baa2fe470c1f9f5c32d860220002af96c3e15f920ca4b101801119e1a8739

    • SHA512

      f1b6ac105a27af12f83bb3015e2961b8f3ddcfc44687c4e468faf63a9615c973160123b736d01b50be7c49f515abb1e375bb0355b515b39b0c6cfc13410ca6dc

    • SSDEEP

      1536:9Q8hoOAesfYvcyjfS3H9yl8Q1pmdBcxedLxNDIfv7+afCD+QsQbKQPVxX:ymb3NkkiQ3mdBjFIfvTfCD+HlQLX

    Score
    10/10
    blackmoonbankertrojanupx

    • Blackmoon, KrBanker

      Blackmoon also known as KrBanker is banking trojan first discovered in early 2014.

      trojanbankerblackmoon

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks