General

  • Target

    572b0b353f5eb57fefda498b434c9ca0_NeikiAnalytics.exe

  • Size

    198KB

  • Sample

    240517-3w73nahf9x

  • MD5

    572b0b353f5eb57fefda498b434c9ca0

  • SHA1

    43114e96f1e4dc4ad074ecd8028ad160faca9308

  • SHA256

    d7d78a3002b5d8130ef546e9299a8bbf0085664728a7ea08ee6f417bf89d0750

  • SHA512

    d0920488174a2d6f31006f65cf2ce2b3fe2ef09b8ecfced03c3fda26f99eb0b3fb244ae81c9102b9e1fb081c11e73fcd6c2172e2c1a6cad2080b21e4ef867b6f

  • SSDEEP

    3072:ZhOmTsF93UYfwC6GIoutFza6BhOmTsUm82xpi8rY9AABa1JePQKN1hJCU:Zcm4FmowdHoSha6Bcm4JddW7Y6XJCU

Targets

    • Target

      572b0b353f5eb57fefda498b434c9ca0_NeikiAnalytics.exe

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with the UPX or a modified UPX open-source packer.
