General

  • Target

    2768556ff2fe01a160d69cdc02e90917c7a0299aacfeab7a04cbe5b398a3e2b9_NeikiAnalytics.exe

  • Size

    476KB

  • Sample

    240701-axh6pstflm

  • MD5

    6308bab32af438b0c71090b1abdd94c0

  • SHA1

    a1b8803b66de2bc3ae44edf6794d629e467e47ae

  • SHA256

    2768556ff2fe01a160d69cdc02e90917c7a0299aacfeab7a04cbe5b398a3e2b9

  • SHA512

    589dd30f485d59dbaeb3217f26f05828aabec9466317822002da7770dab76ae194b3c715c368d5763278cb013fdebcb4adf770189b6c00a5244e9ba15753b9c8

  • SSDEEP

    6144:8cm7ImGddXmNt251UriZFwT+aZKlumArSPBXuGsY:q7Tc2NYHUrAwT+OKomA+5u4

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
