General

  • Target

    4f1b579425b09dd37ba4e79ff5a72200_NeikiAnalytics

  • Size

    211KB

  • Sample

    240511-b4b7eaeb61

  • MD5

    4f1b579425b09dd37ba4e79ff5a72200

  • SHA1

    d1c513b2a3f0809e1ccea95e6a11ccdf22e1483c

  • SHA256

    cfbcf45797965effe65361b7fb54c5be3745750cbd5d06c09317b0c14a4cf003

  • SHA512

    b4eeb6346b6ab7dce15cbdfb04d66e8dabe62809bf74322ea3f8c0cc9f43cb8f128e0839623a9425008b3f3dd3ee99beabd91b39302e1cb7196b81682e68312d

  • SSDEEP

    1536:wvQBeOGtrYSSsrc93UBIfdC67m6AJiqQfg3Cip8iXAsG5M0nj:whOm2sI93UufdC67cizfmCiiiXA/

Malware Config

Targets

    • Target

      4f1b579425b09dd37ba4e79ff5a72200_NeikiAnalytics

    • Size

      211KB

    • MD5

      4f1b579425b09dd37ba4e79ff5a72200

    • SHA1

      d1c513b2a3f0809e1ccea95e6a11ccdf22e1483c

    • SHA256

      cfbcf45797965effe65361b7fb54c5be3745750cbd5d06c09317b0c14a4cf003

    • SHA512

      b4eeb6346b6ab7dce15cbdfb04d66e8dabe62809bf74322ea3f8c0cc9f43cb8f128e0839623a9425008b3f3dd3ee99beabd91b39302e1cb7196b81682e68312d

    • SSDEEP

      1536:wvQBeOGtrYSSsrc93UBIfdC67m6AJiqQfg3Cip8iXAsG5M0nj:whOm2sI93UufdC67cizfmCiiiXA/

    • Blackmoon, KrBanker

      Blackmoon also known as KrBanker is banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Matrix

Tasks