General

  • Target

    232f8fa5c726aec4d18f29637d68b37aa44785c447ccf20521f7ca4e430b7af4_NeikiAnalytics.exe

  • Size

    488KB

  • Sample

    240625-czr8hawdpg

  • MD5

    0b572bc2e5f9f415f5af633466fe2190

  • SHA1

    17232d031da47854e5c5762b4566f60c740c14a7

  • SHA256

    232f8fa5c726aec4d18f29637d68b37aa44785c447ccf20521f7ca4e430b7af4

  • SHA512

    d5efbffa60ebc2118c4e4cb39bd0ac04282e0f5ae4ca20572c5b0aeb161b3c8f8839bc9f542c434f2be785ef2a1dd8d4482b41e1c1ea732da4eda08f2e60b1d1

  • SSDEEP

    6144:8cm7ImGddXmNt251UriZFwu1b26X1wjdgyPPB0:q7Tc2NYHUrAwqzQ7PP2

Targets

    • Target

      232f8fa5c726aec4d18f29637d68b37aa44785c447ccf20521f7ca4e430b7af4_NeikiAnalytics.exe

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
