General

  • Target

    bfbc4be951727eb85f998431f31487a0_NeikiAnalytics.exe

  • Size

    161KB

  • Sample

    240615-2jhfss1eqr

  • MD5

    bfbc4be951727eb85f998431f31487a0

  • SHA1

    413c32dce74bfb026e5d7090206be622daa3b141

  • SHA256

    b5dcb1671b4371b20a9ae063228a5929a6e5ac137fba46477c657ed972b443e5

  • SHA512

    f4e653bd9bbc462c2b2fb8dca82e0f378e7b68c6bf1a11ab7a74a2ee97b8839f6f48d1f1df9af86c50b9614563c41f2d2df208b886a0e32cc134a867b417bd71

  • SSDEEP

    3072:chOmTsF93UYfwC6GIoutieyhC2lbgGi5yLV:ccm4FmowdHoSi9EQ

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with the UPX open-source packer or a modified version of it.
