General

  • Target

    20f53204d5f7d544dd11511d51e875b0_NeikiAnalytics.exe

  • Size

    80KB

  • Sample

    240612-fyywfa1hpa

  • MD5

    20f53204d5f7d544dd11511d51e875b0

  • SHA1

    dae07d1aada686cad4408aee8c7009825cabe84c

  • SHA256

    49a545944b3d9acdf371d8f591b30207cabdaac807aa811728edc088c794ac66

  • SHA512

    8dd660f22a748a2da495cb8d535c74975de7ea8d8b82c531266d0a432f36757543c930eb3890feac2f15586f42e6a5bd0b50ee0b02184d906c86879189912b48

  • SSDEEP

    1536:9Q8hoOAesfYvcyjfS3H9yl8Q1pmdBcxedLxNDo73t6MwIYSPE3:ymb3NkkiQ3mdBjFo73t+SM3

Targets

    • Target

      20f53204d5f7d544dd11511d51e875b0_NeikiAnalytics.exe

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
