General

  • Target

    389778591d06e846fecacb32af9d8722523ecbda079006486f4bf9827b1c4e5a_NeikiAnalytics.exe

  • Size

    78KB

  • Sample

    240701-f4jzga1arq

  • MD5

    6733eb5c62878692b9e826a4a5b92050

  • SHA1

    6f43a1fcc1efd4f9f8ff5aac05c1a2ee487edf42

  • SHA256

    389778591d06e846fecacb32af9d8722523ecbda079006486f4bf9827b1c4e5a

  • SHA512

    7f7a82806221c566969c8f4ddeb5c8bb7087ef1d678d577e26d3428813cc84dee6e06dcf1aa3d720fa3aca4d8930190443d2bef6c9bfc89045754f918709cf32

  • SSDEEP

    1536:9Q8hoOAesfYvcyjfS3H9yl8Q1pmdBcxedLxNDIrmCeRMKeWqNSZevR:ymb3NkkiQ3mdBjFIjek5VvR

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
