General

  • Target

    56c9c86adc0e229fb1c6dd6f211a1940_NeikiAnalytics.exe

  • Size

    334KB

  • Sample

    240517-3weq4shf5y

  • MD5

    56c9c86adc0e229fb1c6dd6f211a1940

  • SHA1

    d7f14208d82558dea83e18b4128f38e0003173bc

  • SHA256

    21a6d44a64793cd1b8b37709cb8f750acfa3d472f44d193973c6a5cff1cf560c

  • SHA512

    85145cbe15c80cc8b45ada2802e37dfa312b713fceca8cfc5381c8af8dd7199aa1bce4282df84adbad5246251a3f2ed0fb486246caa367f6f78807f07c14a95f

  • SSDEEP

    6144:rcm4FmowdHoSphraHcpOaKHpXfRo0V8JcgE+ezpg1i/q:x4wFHoS3eFaKHpv/VycgE8oq

Targets

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified version of it.
