General

  • Target

    54c2272d0a248f421c556fff21de6f4f124ebffa6b8b086b7a3ef51ab45c9eaa_NeikiAnalytics.exe

  • Size

    146KB

  • Sample

    240629-dflr2szbjc

  • MD5

    8dd5865c49a84945fbd333197702eda0

  • SHA1

    a2d456cc26a0ed814d1e177175217ba65fbc0286

  • SHA256

    54c2272d0a248f421c556fff21de6f4f124ebffa6b8b086b7a3ef51ab45c9eaa

  • SHA512

    85fc4ea0b1a37ce445029e37d3148aa23a8fd3881ccf5bb51eb70c97e45184d57dfc892469fe03639f74dbbc4b6fba9c5b515ffb1e0813c457cf2c6b5e71949e

  • SSDEEP

    3072:ymb3NkkiQ3mdBjFosxXGPXbXQMFHLgDWSmklgQs:n3C9BRosxW8MFHLMW7Qs

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
