blackmoon | b54dda49a473910eaf8a39e808f500baadaa308bbd9408d17fcfc516bca6e40a | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

3

b54dda49a4...cs.exe

windows7-x64

b54dda49a4...cs.exe

windows10-2004-x64

Sharing

General

Target

b54dda49a473910eaf8a39e808f500baadaa308bbd9408d17fcfc516bca6e40a_NeikiAnalytics.exe
Size

91KB
Sample

240629-v6lcmssbmc
MD5

16ae94277796c64ad2ecd25b1d6d34c0
SHA1

b83e291170dcc213aff6efcbd804d53f6b687158
SHA256

b54dda49a473910eaf8a39e808f500baadaa308bbd9408d17fcfc516bca6e40a
SHA512

b7ddc55408498c0535e937a9e46c4cd0b20c3198a1d09cad232a327012cd6a2f418a7d916f5c60d3cc8022b5011d4cc1e6446b92e4dd181b35015a3d1ee28094
SSDEEP

1536:9Q8hoOAesfYvcyjfS3H9yl8Q1pmdBcxedLxNDIQIDyviFxx2hCtgIMLP9rBZaRBV:ymb3NkkiQ3mdBjFIVLd2hWZGreRCYBx

Score

10^/10

blackmoon banker trojan upx

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

b54dda49a473910eaf8a39e808f500baadaa308bbd9408d17fcfc516bca6e40a_NeikiAnalytics.exe

Resource

win7-20240508-en

blackmoon banker trojan upx

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral2

Sample

b54dda49a473910eaf8a39e808f500baadaa308bbd9408d17fcfc516bca6e40a_NeikiAnalytics.exe

Resource

win10v2004-20240508-en

blackmoon banker trojan upx

windows10-2004-x64

5 signatures

150 seconds

Malware Config

Targets

- Target
  
  b54dda49a473910eaf8a39e808f500baadaa308bbd9408d17fcfc516bca6e40a_NeikiAnalytics.exe
- Size
  
  91KB
- MD5
  
  16ae94277796c64ad2ecd25b1d6d34c0
- SHA1
  
  b83e291170dcc213aff6efcbd804d53f6b687158
- SHA256
  
  b54dda49a473910eaf8a39e808f500baadaa308bbd9408d17fcfc516bca6e40a
- SHA512
  
  b7ddc55408498c0535e937a9e46c4cd0b20c3198a1d09cad232a327012cd6a2f418a7d916f5c60d3cc8022b5011d4cc1e6446b92e4dd181b35015a3d1ee28094
- SSDEEP
  
  1536:9Q8hoOAesfYvcyjfS3H9yl8Q1pmdBcxedLxNDIQIDyviFxx2hCtgIMLP9rBZaRBV:ymb3NkkiQ3mdBjFIVLd2hWZGreRCYBx
Score

10^/10

blackmoon banker trojan upx
- Blackmoon, KrBanker
  Blackmoon also known as KrBanker is banking trojan first discovered in early 2014.
  trojan banker blackmoon
- Detect Blackmoon payload
- Executes dropped EXE
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

blackmoonbankertrojanupx

behavioral2

blackmoonbankertrojanupx

© 2018-2025

Terms | Privacy