blackmoon | 4ec436b5b6256b13ef4a6dfb6074c29788f136f0de8424db620da42907472fd3 | Triage

Submit
Reports

Overview

overview

Static

static

3

4ec436b5b6...cs.exe

windows7-x64

4ec436b5b6...cs.exe

windows10-2004-x64

Sharing

General

Target

4ec436b5b6256b13ef4a6dfb6074c29788f136f0de8424db620da42907472fd3_NeikiAnalytics.exe
Size

971KB
Sample

240701-nppv6syhmg
MD5

e4b023d3d6614ff3fdeb2d19ecfb2730
SHA1

a21963f0063f58e4f1a949d792b6a080e4766d8d
SHA256

4ec436b5b6256b13ef4a6dfb6074c29788f136f0de8424db620da42907472fd3
SHA512

8c924710b8245033a1fd3b2c91791865ac7f791a6d53ef59ad9b3dec46b7261b2eb7f588bb98a2be729f12f5a6d2c52073879b66c61a2e1e4db5e593307e76dd
SSDEEP

12288:n3C9yMo+S0L9xRnoq7H9xqYL04iVypNKvzcMwdBS3b3aoqYveXVadBlHD+CURPOj:SgD4bhoqLDqYLagB6Wj1+Cyt

Score

10^/10

blackmoon banker trojan upx

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

4ec436b5b6256b13ef4a6dfb6074c29788f136f0de8424db620da42907472fd3_NeikiAnalytics.exe

Resource

win7-20240611-en

blackmoon banker trojan upx

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral2

Sample

4ec436b5b6256b13ef4a6dfb6074c29788f136f0de8424db620da42907472fd3_NeikiAnalytics.exe

Resource

win10v2004-20240508-en

blackmoon banker trojan upx

windows10-2004-x64

5 signatures

150 seconds

Malware Config

Targets

- Target
  
  4ec436b5b6256b13ef4a6dfb6074c29788f136f0de8424db620da42907472fd3_NeikiAnalytics.exe
- Size
  
  971KB
- MD5
  
  e4b023d3d6614ff3fdeb2d19ecfb2730
- SHA1
  
  a21963f0063f58e4f1a949d792b6a080e4766d8d
- SHA256
  
  4ec436b5b6256b13ef4a6dfb6074c29788f136f0de8424db620da42907472fd3
- SHA512
  
  8c924710b8245033a1fd3b2c91791865ac7f791a6d53ef59ad9b3dec46b7261b2eb7f588bb98a2be729f12f5a6d2c52073879b66c61a2e1e4db5e593307e76dd
- SSDEEP
  
  12288:n3C9yMo+S0L9xRnoq7H9xqYL04iVypNKvzcMwdBS3b3aoqYveXVadBlHD+CURPOj:SgD4bhoqLDqYLagB6Wj1+Cyt
Score

10^/10

blackmoon banker trojan upx
- Blackmoon, KrBanker
  Blackmoon also known as KrBanker is banking trojan first discovered in early 2014.
  trojan banker blackmoon
- Detect Blackmoon payload
- Executes dropped EXE
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

blackmoonbankertrojanupx

behavioral2

blackmoonbankertrojanupx

© 2018-2024

Terms | Privacy