General

  • Target

    12b4e17fbd17bddb1c2ab956cb8967b52dcb84a47b876b360feedef324e88603_NeikiAnalytics.exe

  • Size

    228KB

  • Sample

    240630-aqx2aazgkg

  • MD5

    c2ccf8e46a0bde91e93fb16e23804070

  • SHA1

    161fb93ebde0bd3c3f68c50ae8ab32a2f6d0e5f7

  • SHA256

    12b4e17fbd17bddb1c2ab956cb8967b52dcb84a47b876b360feedef324e88603

  • SHA512

    f0a076e846ec5efa1da134ee69358ef6bac4ae699229ad4da2f04389f3634b6926b21dc0ddb0002fff4650e1916dfd599aafb3cee8bb74355f1f709b4b5770f8

  • SSDEEP

    3072:ymb3NkkiQ3mdBjFo73PYP1lri3KoSV31x4xLjBeG1:n3C9BRo7MlrWKo+lxKb

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
