General

  • Target

    be6e67639842a59e9777317a030f8100_NeikiAnalytics.exe

  • Size

    96KB

  • Sample

    240614-pd2ahazfne

  • MD5

    be6e67639842a59e9777317a030f8100

  • SHA1

    08a38e9e2cdac69fcc16ee8f50668b2f60b68f87

  • SHA256

    c4f7914ef82d8c5b5e11c69e0f6db6853a70935743a9df2514b70442323dcf79

  • SHA512

    d7948f97995cd0d58f6fe5bb021385a0053156014ad0820ec33f3c737476dcdb1ff4bfd4a474559471d3bd0b28885b3538d0ab2122d9b1f06dab2a45a941e028

  • SSDEEP

    3072:ymb3NkkiQ3mdBjFo73PYP1lri3K8GwymG:n3C9BRo7MlrWKcpG

Targets

    • Target

      be6e67639842a59e9777317a030f8100_NeikiAnalytics.exe

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
