General

  • Target

    3a060a5724f2eeebdd6bfa3f84022ddae9e35311dd9d3a303e3336ed5fbbae1c_NeikiAnalytics.exe

  • Size

    400KB

  • Sample

    240620-f97mqa1hla

  • MD5

    11278348e7dfae9eae0401b206778280

  • SHA1

    5ed1ac56611cbcccc7a6a1e944f2806edb8014c3

  • SHA256

    3a060a5724f2eeebdd6bfa3f84022ddae9e35311dd9d3a303e3336ed5fbbae1c

  • SHA512

    f8ddf0c8c0d4dbea89b68b009e95a4e99f8ca71fc861ac879959cebdf1f9d83e496e25ff52d4bf635c523e368133f73c775fd44056d7b14f631bd007169d5b2e

  • SSDEEP

    6144:Lcm4FmowdHoSHt251UriZFwfsDX2CfNnkymTwaJ3o89H3x+9:R4wFHoSHYHUrAwfMHNnpls48949

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
