General

  • Target

    55dbd08b8861305cbe0aa6137df8af90_NeikiAnalytics.exe

  • Size

    361KB

  • Sample

    240517-3s54wshe21

  • MD5

    55dbd08b8861305cbe0aa6137df8af90

  • SHA1

    1669e3ba683df0b4d29236c8e0b782531a3218dc

  • SHA256

    05d4c8caffae7b24283f36b5b0976740ef1b896695b952636b361e7e74d066c2

  • SHA512

    bd60c7c53f9843a9ba14305dbc03a10e398dfd38b2be9b7c2cc25a5d044dd7f9f592db7010fc7b7d81bf6e76d3518b0c8a98e390ccbe9a8852aff23cd3fe9f59

  • SSDEEP

    6144:n3C9BRo7tvnJ9oH0IRgZvjD8296gnzeZhBuL:n3C9ytvngQj429nnzeZhBQ

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with the UPX or a modified UPX open-source packer.
