General

  • Target

    4ea2f32768c4a5177f9a242f164bb27b0156a57b50f6d3d559647f6481f653c2_NeikiAnalytics.exe

  • Size

    151KB

  • Sample

    240701-nnxvdsyhke

  • MD5

    c14e2d354d65df85b1455b9408b3ca80

  • SHA1

    183ff801fce39cb522e275c6d775a3619148bd29

  • SHA256

    4ea2f32768c4a5177f9a242f164bb27b0156a57b50f6d3d559647f6481f653c2

  • SHA512

    c5c22cca6f64cc6283b61d1b549b7d4d76d392a47128b93d3ba9a047989215cd7d40cef81881b6732092dc084bc400d91de494de93034bc1b15b941bcdab66ca

  • SSDEEP

    3072:ymb3NkkiQ3mdBjFo7LAIRUohDmRG08fKkZEU5hkVaqaK6qa50iKV3:n3C9BRo/AIuuOmfDZEU5OVFik

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
